MONTHLY THREAT ACTOR GROUP INTELLIGENCE REPORT, JANUARY 2022
Contents
Monthly Threat Actor Group Intelligence Report, January 2022 (ENG)
This document is an overview of threat actor group activities as analyzed by NSHC ThreatRecon team, based on data and information collected since 21 December 2021 to 20 January 2022.
1. SectorA Activity Features
Activities by a total of 3 hacking groups were identified in January 2022, and these groups are SectorA02, SectorA05 and SectorA07 groups.
SectorA02 group was found to be active in South Korea. This group launched attacks targeted on workers in the field of North Korean policies, using phishing emails disguised as payment bills of credit card companies.
SectorA05 group was found to be active in South Korea and Bulgaria. The group distributed HWP format malwares disguised as documents related to North Korean policies.
SectorA07 group was found to be active in Russia. The group sent out spear phishing emails targeted on workers of a specific country’s government institutions and diplomats.
Hacking activities of SectorA …
This document is an overview of threat actor group activities as analyzed by NSHC ThreatRecon team, based on data and information collected since 21 December 2021 to 20 January 2022.
1. SectorA Activity Features
Activities by a total of 3 hacking groups were identified in January 2022, and these groups are SectorA02, SectorA05 and SectorA07 groups.
SectorA02 group was found to be active in South Korea. This group launched attacks targeted on workers in the field of North Korean policies, using phishing emails disguised as payment bills of credit card companies.
SectorA05 group was found to be active in South Korea and Bulgaria. The group distributed HWP format malwares disguised as documents related to North Korean policies.
SectorA07 group was found to be active in Russia. The group sent out spear phishing emails targeted on workers of a specific country’s government institutions and diplomats.
Hacking activities of SectorA …