AttackIQ Blog

North Korea

    AttackIQ Flex, North Korea

    Combatting Kimsuky and Safeguarding National Intelligence

    November 2, 2023
    In the covert realm of cyberspace, a formidable adversary has emerged – a state-sponsored, North Korean group known as Kimsuky. Their clandestine operations are not motivated by profit, but by the pursuit of state secrets and strategic intelligence for the Democratic People’s Republic of Korea (DPKR).
    Read More
    AttackIQ Flex, Cybercrime, North Korea

    How Does Your Security Stack Up Against North Korean Hackers? Put Your Defenses to the Test!

    September 27, 2023
    AttackIQ has released a new Flex package designed to replicate the activities associated with the recent supply chain attack on 3CX software by Lazarus Group, a North Korean-based adversary.
    Read More
    Adversary Emulation, North Korea

    Emulating Kimsuky’s Espionage Operations: A Closer Look at North Korea’s Efforts to Infiltrate South Korea

    April 26, 2023
    AttackIQ has released four new attack graphs that emulate the espionage activities led by Kimsuky, a politically motivated North Korean adversary with links to the nation’s intelligence operations.
    Read More
    Adversary Emulation, North Korea

    Response to Lazarus’ 3CX Supply Chain Compromise

    April 14, 2023
    AttackIQ has released a new attack graph that aims to emulate the activities linked to the recent supply chain attack against the software developed by the company 3CX. This new release aims to emulate the activities carried out during the initial stages of the system compromise and the hands-on keyboard activity led by Lazarus Group.
    Read More
    Adversary Emulation, North Korea

    Emulating the Highly Sophisticated North Korean Adversary Lazarus Group – Part 1

    January 5, 2023
    AttackIQ has released a bundle of content consisting of six new attack graphs that seek to emulate the campaigns and operations led by the infamous North Korean-sponsored adversary Lazarus Group against entities worldwide across multiple sectors.
    Read More
    Adversary Emulation, North Korea

    Emulating the Politically Motivated North Korean Adversary Andariel

    December 22, 2022
    AttackIQ has released a bundle of content that includes three new attack graphs that seek to emulate different cyberspace operations led by the North Korean-sponsored threat actor Andariel against multiple entities located in Asia, predominantly in South Korea, through the use of downloaders, backdoors, and custom ransomware.
    Read More
    Adversary Emulation, North Korea

    Emulating the Financially Motivated North Korean Adversary BlueNoroff

    December 14, 2022
    AttackIQ has released a bundle of content including four new attack graphs that seek to emulate two types of attacks conducted by the North Korean adversary BlueNoroff. The newly released graphs emulate the behaviors used in the attacks against the Society for Worldwide Interbank Financial Telecommunication (SWIFT) software and organizations involved in cryptocurrency.
    Read More