T1071 - DPRK Threat Intelligence

#T1071 Application Layer Protocol

Technique

Tactics: Command And Control
Description:
Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.

Adversaries may utilize many different protocols, including those used for web browsing, transferring files, electronic mail, DNS, or publishing/subscribing. For connections that occur internally within an enclave (such as those between a proxy or pivot node and other nodes), commonly used protocols are SMB, SSH, or RDP.(Citation: Mandiant APT29 Eye Spy Email Nov 22)
First Seen: Lazarus Group • 2017-05-31

MITRE ATT&CK

43

Tagged Reports
32

Unique Authors
3,257

Active Days

Tagged Reports

2021-12-04

0xthreatintel

APT37 targets Journalists & Security Researchers

#APT37 #DreamJob #T1547 #T1112 #T1518 #T1566 #T1012 #T1059.001 #T1059.005 #T1027 #T1547.001 #T1071 #T1071.001 #T1059 #T1082

2021-11-04

NSHC

Threat Actor targeted attack against Finance and Investment industry

#T1036 #T1043 #T1106 #T1102 #T1071 #T1143 #T1082 #T1119 #T1221 #T1049 #T1193 #T1005 #T1041 #T1020 #T1105 #T1083 #T1064 #T1204 #T1059

2021-06-03

Cybleinc

Kimsuky APT Group Distributes Fake Security App Disguised as KISA Security Program

#Kimsuky #AppleSeed #T1573 #T1071 #T1426 #T1430 #T1571 #T1448 #T1447 #T1412 #T1406

2021-05-21

Macnica

APT Threat Landscape in Japan 2020

#Trend #CloudDragon #T1055.012 #T1047 #T1027 #T1560.001 #T1543.003 #T1071 #T1482 #T1518.001 #T1566.001 #T1053.002 #T1218.011 #T1547.001 #T1140 #T1087.002 #T1003.002 #T1053.005 #T1204.002 #T1070.001 #T1071.001 #T1574.001 #T1574.002 #T1003.003 #T1059.001 #T1036.005 #T1133 #T1021.001

2021-02-28

PWC

Cyber Threats 2020: A Year in Retrospect

#AppleSeed #VeraPort #ShowState #BlackArtemis #BlackBanshee #BlackShoggoth #T1036 #T1068 #T1027 #T1071 #T1057 #T1082 #T1221 #T1187 #T1566 #T1547.001 #T1140 #T1005 #T1070.004 #T1041 #T1195 #T1083 #T1490 #T1486 #T1056.001 #T1133 #T1204 #T1059 #T1489

2020-08-26

USCISA

FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

#BeagleBoyz #FASTCash2 #T1190 #T1562.001 #T1565.002 #T1543.003 #T1552.004 #T1056 #T1119 #T1565.003 #T1553.002 #T1485 #T1199 #T1021 #T1078 #T1010 #T1014 #T1574.001 #T1033 #T1203 #T1036 #T1012 #T1016 #T1059.005 #T1106 #T1027 #T1102 #T1071 #T1053.004 #T1027.005 #T1049 #T1140 #T1005 #T1129 #T1105 #T1110 #T1095 #T1489 #T1569.002 #T1573 #T1057 #T1082 #T1561.002 #T1518.001 #T1566.001 #T1548.003 #T1090 #T1041 #T1219 #T1560 #T1202 #T1562.003 #T1059.001 #T1189 #T1204 #T1070.006 #T1059 #T1101 #T1565.001 #T1056.004 #T1098 #T1547.001 #T1053.003 #T1562.006 #T1070.004 #T1505.003 #T1070.003 #T1113 #T1132.001 #T1020 #T1021.002 #T1218.001 #T1055 #T1087 #T1115 #T1083 #T1053 #T1486 #T1133 #T1021.001 #T1217

2020-06-17

ESET

Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies

#Inception #T1047 #T1036 #T1012 #T1106 #T1018 #T1027 #T1050 #T1114 #T1048 #T1071 #T1086 #T1537 #T1082 #T1085 #T1117 #T1002 #T1035 #T1140 #T1078 #T1005 #T1116 #T1194 #T1220 #T1087 #T1070 #T1053 #T1110 #T1204 #T1059

2020-05-06

Cyberstruggle

Leery Turtle Threat Report

#Cryptocurrency #LeeryTurtle #T1107 #T1060 #T1047 #T1131 #T1192 #T1064 #T1016 #T1170 #T1001 #T1071 #T1057 #T1082

2019-11-05

Telsy

THE LAZARUS’ GAZE TO THE WORLD: WHAT IS BEHIND THE FIRST STONE ?

#Lazarus #T1060 #T1193 #T1023 #T1043 #T1002 #T1071 #T1132

2019-08-26

MITRE

Kimsuky

#Kimsuky #G0094 #T1136 #T1589 #T1562 #T1534 #T1190 #T1593 #T1036 #T1012 #T1608 #T1587 #T1550 #T1543 #T1016 #T1027 #T1114 #T1567 #T1102 #T1071 #T1057 #T1056 #T1082 #T1176 #T1566 #T1111 #T1591 #T1098 #T1585 #T1021 #T1553 #T1584 #T1140 #T1218 #T1598 #T1546 #T1583 #T1005 #T1552 #T1078 #T1518 #T1505 #T1041 #T1219 #T1560 #T1555 #T1564 #T1105 #T1588 #T1547 #T1070 #T1112 #T1557 #T1083 #T1055 #T1594 #T1007 #T1053 #T1040 #T1133 #T1586 #T1074 #T1204 #T1059 #T1003

2019-01-29

MITRE

APT38

#G0082 #APT38 #T1562 #T1543 #T1106 #T1027 #T1071 #T1057 #T1056 #T1082 #T1566 #T1529 #T1485 #T1135 #T1049 #T1218 #T1005 #T1518 #T1505 #T1561 #T1105 #T1588 #T1565 #T1115 #T1070 #T1112 #T1083 #T1053 #T1486 #T1189 #T1569 #T1033 #T1110 #T1204 #T1059 #T1217

2018-04-18

MITRE

APT37

#APT37 #G0067 #T1203 #T1036 #T1123 #T1106 #T1027 #T1102 #T1071 #T1057 #T1082 #T1566 #T1529 #T1120 #T1548 #T1005 #T1559 #T1561 #T1555 #T1105 #T1055 #T1547 #T1053 #T1189 #T1033 #T1204 #T1059

2017-05-31

MITRE

Lazarus Group

#G0032 #T0865 #T1608 #T1587 #T1056 #T1566 #T1485 #T1591 #T1620 #T1021 #T1078 #T1010 #T1571 #T1588 #T1557 #T1033 #T1001 #T1542 #T1593 #T1589 #T1134 #T1203 #T1036 #T1012 #T1016 #T1106 #T1027 #T1102 #T1071 #T1614 #T1529 #T1049 #T1140 #T1005 #T1105 #T1046 #T1070 #T1110 #T1489 #T1562 #T1534 #T1573 #T1047 #T1543 #T1104 #T1491 #T1057 #T1082 #T1574 #T1090 #T1218 #T1583 #T1041 #T1561 #T1560 #T1564 #T1202 #T1547 #T1497 #T1189 #T1124 #T1204 #T1059 #T1008 #T1048 #T1567 #T1221 #T1098 #T1585 #T1553 #T1584 #T1220 #T1132 #T1055 #T1087 #T1083 #T1053 #T1074

« Back