MONTHLY THREAT ACTOR GROUP INTELLIGENCE REPORT, AUGUST 2022 (KOR)
2022-10-05 • NSHC
https://redalert.nshc.net/2022/10/05/monthly-threat-actor-group-intelligence-report-august-2022-kor/
NSHC observed five SectorA groups active in August 2022, with activity seen across East Asia, Europe, the United States, India, Singapore, Russia, Korea, and other regions. SectorA01 distributed malware disguised as cryptocurrency exchange engineering recruitment documents against finance, IT, aerospace, and manufacturing personnel, while SectorA02 used document lures such as business contact and transaction records and abused a Korean staffing company web server as C2 infrastructure. SectorA05 used spear-phishing emails themed around NFT reward token notices, SectorA06 delivered malicious Windows LNK files with recruitment, salary negotiation, and profit-sharing filenames against finance-sector targets, and SectorA07 used MS Word template injection in a document disguised as a Korean university file verified by a security product. The excerpt assesses SectorA activity as supporting long-running collection of political and diplomatic intelligence related to Korea while also pursuing financially motivated operations worldwide.