|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2012
|
|
gptkbp:alsoKnownAs
|
gptkb:Group123
gptkb:ScarCruft
cathedral
|
|
gptkbp:associatedWith
|
gptkb:North_Korean_government
|
|
gptkbp:attributedTo
|
gptkb:Kaspersky
gptkb:Microsoft
gptkb:CrowdStrike
gptkb:FireEye
gptkb:Google_Threat_Analysis_Group
|
|
gptkbp:connectsTo
|
gptkb:Lazarus_Group
gptkb:Kimsuky
|
|
gptkbp:countryOfOrigin
|
gptkb:North_Korea
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
APT37
|
|
gptkbp:language
|
gptkb:Korean
English
|
|
gptkbp:motive
|
espionage
surveillance
financial gain
political intelligence
|
|
gptkbp:notableEvent
|
gptkb:2017_South_Korean_military_cyberattack
gptkb:2018_Middle_East_cyber_espionage_campaign
attacks on North Korean defectors
attacks on cryptocurrency exchanges
attacks on human rights organizations
|
|
gptkbp:reportsTo
|
gptkb:Kaspersky
gptkb:Microsoft
gptkb:CrowdStrike
gptkb:FireEye
gptkb:Google_Threat_Analysis_Group
|
|
gptkbp:target
|
gptkb:Europe
gptkb:Japan
gptkb:Middle_East
gptkb:Russia
gptkb:South_Korea
gptkb:United_States
gptkb:Vietnam
gptkb:military
journalists
human rights activists
government organizations
|
|
gptkbp:technique
|
social engineering
spear phishing
supply chain attacks
watering hole attacks
zero-day exploits
mobile malware
malware delivery via email attachments
|
|
gptkbp:usesMalware
|
gptkb:Gold_Dragon
gptkb:bird
gptkb:FastCash
gptkb:Konni
gptkb:Rokit
gptkb:BabyShark
gptkb:Bluelight
gptkb:DestoryRAT
gptkb:Evil_New_Year
gptkb:Kimsuky_RAT
gptkb:POORAIM
gptkb:ScarCruft_backdoor
gptkb:TigerRAT
hermit
RUHAPPY
|
|
gptkbp:bfsParent
|
gptkb:Operation_Winnti
gptkb:Hacker
|
|
gptkbp:bfsLayer
|
7
|