NSHC ThreatRecon reported that SectorA activity was the largest share of the threat actor group activity it tracked from 21 June to 20 July 2023. The SectorA section describes five clusters: VNC-disguised malware with downloader functions, CHM insurance-transfer lures that ran PowerShell, Word documents disguised as divorce agreement forms, Mach-O malware aimed at Japanese cryptocurrency exchanges, and LNK files disguised as taxpayer invoices. Reported targeting covered South Korea, Japan, India, Australia, Germany, Singapore, the United States, Bulgaria, Vietnam, and other regions. NSHC assessed the activity as focused on collecting government, political, and diplomatic information while also pursuing financial resources.