|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2012
|
|
gptkbp:alsoKnownAs
|
gptkb:APT37
gptkb:ScarCruft
|
|
gptkbp:attributedTo
|
gptkb:CrowdStrike
gptkb:FireEye
gptkb:Kaspersky_Lab
|
|
gptkbp:connectsTo
|
gptkb:North_Korean_government
|
|
gptkbp:countryOfOrigin
|
gptkb:North_Korea
|
|
gptkbp:enemyOf
|
spear phishing
watering hole attacks
zero-day exploits
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Red Star APT
|
|
gptkbp:industry
|
gptkb:government
defense
human rights
journalism
manufacturing
|
|
gptkbp:majorCity
|
gptkb:Japan
gptkb:Middle_East
gptkb:South_Korea
gptkb:Vietnam
|
|
gptkbp:motive
|
gptkb:intelligence_gathering
espionage
|
|
gptkbp:notableBattle
|
2017 attacks on South Korean government
2018 attacks on Middle East organizations
|
|
gptkbp:relatedTo
|
gptkb:Lazarus_Group
gptkb:Kimsuky
|
|
gptkbp:status
|
active
|
|
gptkbp:technique
|
data exfiltration
social engineering
custom malware
credential theft
lateral movement
|
|
gptkbp:usesMalware
|
gptkb:bird
gptkb:Destover
gptkb:Rokit
gptkb:Bluelight
gptkb:Kimsuky
cathedral
|
|
gptkbp:bfsParent
|
gptkb:NetTraveler
|
|
gptkbp:bfsLayer
|
7
|