APT38
2019-01-29 • MITRE
MITRE ATT&CK profiles APT38, also tracked as NICKEL GLADSTONE, BeagleBoyz, Bluenoroff, Stardust Chollima, Sapphire Sleet, COPERNICIUM, and Group G0082. The entry describes financially motivated North Korea-linked activity including fake financial or venture-capital domains, HTTP/HTTPS command-and-control, data collection from browsers and clipboards, and credential access attempts. The technique mapping helps defenders align detections for APT38 tradecraft across intrusion stages.