NSHC’s January 2023 monthly report says SectorA activity was the most prominent threat-actor category observed, accounting for 31% of the tracked activity during the collection window. The DPRK-relevant SectorA section identifies SectorA01 activity in Sweden using malware disguised as a Bitcoin-exchange hiring post to steal system information, SectorA05 activity in South Korea using phishing emails and credential-harvesting websites against government, media, and university workers, and SectorA06 activity in Japan, Nigeria, and the United States using VHD and ISO image malware to evade Mark-of-the-Web defenses. NSHC assesses SectorA operations as continuing to pursue South Korean political and diplomatic intelligence while also targeting globally to secure financial resources.