NSHC ThreatRecon's December 2023 report tracks five SectorA groups active across East Asia, Europe, North America, and other regions, with targeting that includes South Korea, Japan, the United States, and several European countries. The SectorA activity used fake hiring approaches against software developers, LNK files disguised as fund-source clarification documents, malicious JavaScript posing as Korean research import paperwork, macOS Python scripts distributed through Discord as cryptocurrency tools, and LNK email-account security lures. The reported payloads collected system information through Visual Basic Script, Batch scripts, DLL malware, and obfuscated VBS, with some activity receiving commands from C2 infrastructure. NSHC assesses the continuing SectorA activity as supporting collection on South Korean political and diplomatic issues while also pursuing financial resources globally.