2025-04-23
PaloaltoNetworks
Extortion and Ransomware Trends January-March 2025
#JumpyPisces
#Ransomware
#Trend
JumpyPisces
"Jumpy Pisces is a nation-state threat actor associated with the notorious Lazarus Group and the Democratic People’s Republic of Korea (DPRK). Jumpy Pisces is believed to be a subgroup of the Lazarus group that branched out around 2013. The group has demonstrated a high degree of adaptability, complexity and technical expertise in its operations, with a focus on cyber espionage, financial crime and ransomware attacks."
- PaloaltoNetworks, https://unit42.paloaltonetworks.com/threat-actor-groups-tracked-by-palo-alto-networks-unit-42/
Also known as
| Name | Named by | AKA | First seen | Last seen |
|---|---|---|---|---|
| APT45 | Mandiant | Andariel | 2024-07-26 | 2026-05-12 |
| Andariel | FSI | - | 2017-07-27 | 2026-05-28 |
| Clasiopa | Symantec | Andariel | 2023-02-23 | 2023-02-23 |
| FoolishSlug | Cloudflare | Andariel | 2026-03-03 | 2026-03-03 |
| G0138 | MITRE | Andariel | 2021-09-29 | 2021-09-29 |
| Hive0079 | IBM | Andariel | - | - |
| JumpyPisces | PaloaltoNetworks | Andariel | 2024-06-28 | 2025-04-23 |
| NickelHyatt | SecureWorks | Andariel | - | 2024-10-08 |
| Plutonium | Microsoft | Andariel | 2022-11-07 | 2022-11-07 |
| RedLight | KRCERT | Andariel | - | - |
| SectorA04 | NSHC | Andariel | 2020-03-12 | 2025-03-17 |
| SilentChollima | CrowdStrike | Andariel | 2014-04-21 | 2026-01-27 |
| Stonefly | Symantec | Andariel | 2022-04-27 | 2024-10-02 |
| TA430 | Proofpoint | Andariel | 2024-01-01 | 2024-01-01 |
| UNC4131 | Mandiant | Andariel | 2023-04-18 | 2023-04-18 |
| UNC4369 | Mandiant | Andariel | 2023-04-18 | 2023-04-18 |
| UNC614 | Mandiant | Andariel | 2023-02-16 | 2023-10-10 |