APT / THREAT GROUP
Korean
1
aliases
Intelligence Profile
Ransomware Based on HiddenTear
Threat Analysis
Korean is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning Korean
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
The Hacker News· Jul 4, 2026
Microsoft Attributes Mastra AI Supply Chain Attack to North Korea
Infosecurity Magazine· Jun 22, 2026
North Korean Hackers Blamed for Mastra NPM Supply Chain Attack
SecurityWeek· Jun 22, 2026
Microsoft links Mastra AI supply chain attack to North Korean hackers
BleepingComputer· Jun 20, 2026
North Korean Hiring Fraud Runs on AI and US Laptop Farms
Infosecurity Magazine· Jun 17, 2026
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
The Hacker News· Jun 16, 2026
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
The Hacker News· Jun 15, 2026
Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
Proofpoint Threat Insight· Jun 9, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases1
Also Known As
Korean
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.