eset_apt_activity_report_t32022.pdf (4 MB)

ESET’s T3 2022 APT activity reporting notes that North Korea-aligned groups remained active against cryptocurrency firms and exchanges in multiple regions. The DPRK-linked activity relied on older exploits to compromise targets, while Kimsuky continued operations without major changes in targeting or TTPs. The report also observed Konni broadening its decoy-document language set to English, suggesting possible targeting beyond its usual Russian and Korean focus. Because the source is a broad multi-actor APT roundup, the DPRK-relevant finding is the continued targeting of cryptocurrency organizations and the persistence of established North Korea-aligned tradecraft during the period.