E5B1B1E99BA8E6ACB2E69DA5-E79FA5E98193E5889BE5AE872023E5B9B4E5BAA6A_ykF7HVE.pdf (43 MB)

Knownsec's 2023 APT threat analysis report summarizes activity by Northeast Asian groups including Kimsuky, APT37, Lazarus, and Konni. The report says these actors share a strategic purpose of supporting North Korean objectives through cyber espionage and intelligence collection, while using targeted attacks, customized tools, malware, and social-engineering techniques. It distinguishes APT37 and Kimsuky as mainly focused on South Korean targets, Konni as broader but still intelligence-driven, and Lazarus as a global actor combining cyber espionage and cybercrime; it also notes Kimsuky and Konni activity against the cryptocurrency sector in 2023.