Google Cloud’s Mandiant cyber researchers have upgraded Andariel, also known as Onyx Sleet, Plutonium, and Silent Chollima, to an official advanced persistent threat (APT) group, warning that it is targeting extremely sensitive atomic secrets and technology as North Korea continues its nuclear weapons acquisition efforts.
APT45, which has been active since 2009 and may have some connection to the Lazarus hacking operation, is characterised as moderately sophisticated in both scope and technology. It most likely operates under the control of North Korea’s Reconnaissance General Bureau (RGB) 3rd Bureau and started out as a financially motivated operator; like many North Korean groups, its main objective is to steal money to fund the failing, isolated regime.
What sets it apart from other groups, though, is its suspected development and use of ransomware. Mandiant has seen evidence of APT45 clusters using the Maui and Shatteredglass ransomware strains, although it has not been able to corroborate this with certainty.
What is known with more certainty is that APT45’s interest has recently shifted to other fields, such as crop science, healthcare, and pharmaceuticals, while much of its time is still devoted to military affairs, according to Mandiant.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents