APT / THREAT GROUP
Silent Chollima
🇰🇵North Korea-attributed
9
aliases
Last seen:May 20, 2026
Intelligence Profile
Andariel is a threat actor that primarily targets South Korean corporations and institutions. They are believed to collaborate with or operate as a subsidiary organization of the Lazarus threat group. WHOIS utilizes spear phishing attacks, watering hole attacks, and supply chain attacks for initial access. They have been known to exploit vulnerabilities and use malware such as Infostealer and TigerRAT.
Threat Analysis
Silent Chollima is a known-sophistication threat actor attributed to North Korea, engaged in cyber operations with a primary motivation of unknown activity patterns.
External References
Quick Facts
TypeAPT / Threat Group
Origin🇰🇵 North Korea
Aliases9
SourceMalpedia
Also Known As
WHOis TeamOperationTroySubgroup: AndarielPLUTONIUMOnyx SleetGOPGuardian of PeaceSilent ChollimaAndariel
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.