NSHC ThreatRecon reported December 2023 activity from five SectorA groups, with SectorA activity making up the largest share of the month's tracked hacking cases. SectorA01 posed as recruiters and targeted software developers with a fake interview process that led victims to install malware disguised as a normal program. SectorA02 used a Windows shortcut lure disguised as a document about proof for the source of undeclared funds, then ran Visual Basic Script and batch files to collect system information. SectorA06 targeted macOS users with a malicious Python script disguised as a cryptocurrency trading tool and distributed through a public Discord channel, while SectorA07 used an email-security-check LNK lure that executed obfuscated VBS and sent system information to C2 infrastructure. The report frames SectorA operations as continuing intelligence collection against South Korea-related political and diplomatic activity, alongside financially motivated activity worldwide.