Newly exposed APT43 hacking group targeting US orgs since 2018
A newly exposed North Korean hacking group, APT43, has been targeting government organizations, academics, and think tanks in the United States, Europe, Japan, and South Korea since 2018. Mandiant analysts assess with high confidence that the threat actors are state-sponsored and align their operational goals with the North Korean government's geopolitical aims. The group has been observed engaging in espionage and financially-motivated cybercrime operations, using malware such as Kimsuky, GhostRAT, gh0st RAT, BabyShark, QuasarRAT, Amadey, HOPLIGHT, and Hangman. Malware: Kimsuky, APT43, Lazarus, Amadey, ANDROID, BENCHMARK, BIGRAISIN, BITTERSWEET, BRAVEPRINCE, COINTOS, COINTOSS.XLM, DRIVEDOWN, EGGHATCH, FastFire, Gh0stRAT, GoldDragon, GOLDDROP, GOLDSMELT, GRAYZONE, Hangman, JURASSICSHELL, LANDMARK, LANDMARK.NET, LATEOP, LATEOP.V2, LOGCABIN, LONEJOGGER, PASSMARK, PENCILDOWN, PENDOWN, PowerShell, PUMPKINBAR, QuasarRAT, SLIMCURL, SOURDOUGH, SPICYTUNA, SWEETDROP, TROIBOMB, VENOMBITE [View Article](https://www.bleepingcomputer.com/news/security/newly-exposed-apt43-hacking-group-targeting-us-orgs-since-2018/)