APT45: North Korea’s Digital Military Machine
Essential information
- Published
- 26/07/2024 08:51
- Modified
- 26/07/2024 09:03
- Tags
- 2024-07-26 3proxy andariel apt45 dprk maui ransomware onyx sleet rifle rogueye shatteredglass silent chollima stonefly
- Related entities
- 37 observables, 1 intrusion sets (apt), 16 techniques (mitre), 5 malware, 8 others
Description
Mandiant provides an overview of the activities of APT45, a cyber threat group attributed with high confidence to North Korea. The report details APT45's transition from traditional espionage campaigns against government and defense sectors to financially motivated operations, including suspected ransomware development. The group has targeted critical infrastructure, nuclear facilities, and sectors like agriculture and healthcare, reflecting North Korea's evolving priorities. APT45 stands out among North Korean operators for its potential use of ransomware, possibly to fund regime activities.