Monthly Threat Actor Group Intelligence Report, August 2023 (ENG)
2023-11-01 • NSHC
https://redalert.nshc.net/2023/11/01/monthly-threat-actor-group-intelligence-report-august-2023-eng/
NSHC ThreatRecon reported four SectorA activity clusters in August 2023, with operations observed in South Korea, Russia, the United States, Hong Kong, Singapore, the Philippines, and the United Kingdom. SectorA01 used the JumpCloud software-management incident to download malware capable of collecting system information and running shell commands, while SectorA02 used a CHM lure about insurance contract status to fetch additional malware through PowerShell. SectorA05 relied on VBS files disguised as agreements that dropped batch-file malware, and SectorA07 used an LNK cooperation-guide lure followed by Visual Basic Script and batch scripts to collect system data. The report says SectorA activity continued to pursue South Korean political and diplomatic intelligence while also seeking financial resources globally.