gptkbp:instanceOf
|
cybercrime
|
gptkbp:alsoKnownAs
|
gptkb:Kimsuky
|
gptkbp:attributedTo
|
gptkb:FireEye
gptkb:Mandiant
gptkb:US_Cybersecurity_and_Infrastructure_Security_Agency
|
gptkbp:category
|
Advanced Persistent Threat
state-sponsored group
|
gptkbp:connectsTo
|
gptkb:Lazarus_Group
North Korean Reconnaissance General Bureau
|
gptkbp:countryOfOrigin
|
gptkb:North_Korea
|
gptkbp:firstReported
|
2012
|
https://www.w3.org/2000/01/rdf-schema#label
|
APT43
|
gptkbp:infrastructure
|
command and control servers
malicious email accounts
fake websites
|
gptkbp:language
|
gptkb:Korean
English
|
gptkbp:mainActivity
|
cybercrime
credential harvesting
information theft
|
gptkbp:motive
|
gptkb:intelligence_gathering
financial gain
support North Korean regime
|
gptkbp:notableEvent
|
COVID-19 research targeting
nuclear policy espionage
phishing campaigns against journalists
|
gptkbp:operatedBy
|
gptkb:North_Korean_government
|
gptkbp:sector
|
gptkb:government
gptkb:media
gptkb:military
defense
academia
think tanks
|
gptkbp:status
|
active
|
gptkbp:target
|
gptkb:Europe
gptkb:Japan
gptkb:South_Korea
gptkb:United_States
|
gptkbp:technique
|
social engineering
spear phishing
watering hole attacks
|
gptkbp:usesMalware
|
gptkb:BabyShark
Gh0st RAT
AppleSeed
KGH_SPY
ReconShark
SPYWARE
|
gptkbp:bfsParent
|
gptkb:Operation_Winnti
|
gptkbp:bfsLayer
|
7
|