Monthly Threat Actor Group Intelligence Report, November 2024 (JPN)
2025-02-11 • NSHC
NSHC's November 2024 Japanese threat actor report says SectorA activity included five North Korea-linked clusters, with operations observed across Korea, the United States, the United Kingdom, Japan, Russia, and other regions. The SectorA examples include fake remote-work hiring that leads to backdoor deployment, LNK malware using a North Korea-Russia policy lure, VHDX lures tied to Chinese embassy invitations, credential and token abuse followed by cooperation with Play ransomware operators, and macOS persistence through modified ~/.zshenv files for cryptocurrency theft and information collection. The report frames SectorA as pursuing both intelligence collection tied to Korean political and diplomatic issues and revenue-generating operations worldwide.