2025-CrowdStrike-European-Threat-Landscape-Report.pdf (33 MB)

CrowdStrike’s European threat landscape report says DPRK-nexus adversaries conducted operations targeting Ukrainian entities during the period dominated by Russia’s invasion-related cyber activity. The DPRK section appears within a broader nation-state overview, which also notes that DPRK, Russia, Iran, China, Türkiye, Kazakhstan, and India target European entities for strategic intelligence, information operations, intellectual property theft, and opportunistic financial gain. The excerpt does not provide a specific DPRK malware family or intrusion chain, but it places DPRK activity alongside eCrime threats affecting Europe, including vishing, CAPTCHA lures, ransomware, data extortion, and underground access markets. For defenders, the value is contextual: DPRK activity is one part of a crowded European threat landscape where state-backed operations and financially motivated tradecraft increasingly overlap.