State-sponsored hacker group alleged to be run by the North Korean government. Known for cyberattacks since the 2000s, including the 2014 Sony Pictures hack and the 2016 Bangladesh Bank heist. Designated as an advanced persistent threat, it engages in cyberespionage, cyberwarfare, and financial theft. Based in Pyongyang, North Korea.
CRIMENET has extracted 9 linkages for this organization, including 2 cooperative ties across 2 organizations, 7 other connections and footprints in 17 countries.
attack on the Bangladesh Bank
over 16 organizations in at least 13 countries between 2014 and 2021: Bangladesh, Chile, India, Mexico, Pakistan, the Philippines, South Korea, Taiwan, Turkey, and Vietnam
North Korean hackers are sent vocationally to Shenyang, China for special training
stolen US$12 million from the Banco del Austro in Ecuador
a local cryptocurrency exchange named WazirX was hacked by the group and $234.9 million worth of crypto assets have been stolen
successful $49 million theft from an institution in Kuwait
over 16 organizations in at least 13 countries between 2014 and 2021: Bangladesh, Chile, India, Mexico, Pakistan, the Philippines, South Korea, Taiwan, Turkey, and Vietnam
over 16 organizations in at least 13 countries between 2014 and 2021: Bangladesh, Chile, India, Mexico, Pakistan, the Philippines, South Korea, Taiwan, Turkey, and Vietnam
targeted banks in Poland
target the South Korean government in Seoul
US$20 million traced to Sri Lanka
stolen US$60 million from the Far Eastern International Bank of Taiwan
over 16 organizations in at least 13 countries between 2014 and 2021: Bangladesh, Chile, India, Mexico, Pakistan, the Philippines, South Korea, Taiwan, Turkey, and Vietnam
NHS in Britain
2014 attack on Sony Pictures
US$1 million from Vietnam's Tien Phong Bank