NSHC's January 2024 ThreatRecon report lists SectorA as the most active DPRK-relevant group family in a broad monthly roundup of 26 hacking groups. SectorA01 used malware disguised as PuTTY against targets in countries including Spain, the United States, Germany, Brazil, France, Serbia, Bangladesh, Turkey, Israel, India, Russia, Switzerland, and South Korea. SectorA02 used a Korea Unification Strategy Forum-themed LNK lure that downloaded additional malware through PowerShell, while SectorA05 abused a Foxit PDF Reader update theme and SectorA07 used a patent-fee CHM lure. NSHC assesses SectorA as pursuing South Korea-related political and diplomatic intelligence while also conducting financially motivated operations worldwide.