ITG03 Analysis Report
2021-11-02 • IBM
https://exchange.xforce.ibmcloud.com/threat-group/guid:d257b54120044cd6fa12788edbdcffc3
IBM X-Force identifies ITG03 as a DPRK state-sponsored threat group with significant overlap with the publicly reported Lazarus Group, active since at least 2009. The group has supported North Korean objectives through espionage, sabotage, and asymmetric operations, including targeting South Korea, the United States, government-linked individuals, academics, nonprofits, and defectors. Since at least 2016, ITG03 expanded into financially motivated activity against global financial institutions and cryptocurrency exchanges to offset sanctions pressure and raise foreign capital. X-Force notes the group’s use of zero-days, destructive malware, ransomware elements, and maintained infrastructure, assessing continued risk to financial and politically sensitive targets.