Labyrinth Chollima, active since at least 2018 and originating from North Korea and also known as APT37 has been linked to the North Korean Government.
This group is responsible for a number of high profile attacks targeting government organizations, critical infrastructure and the private sector.
Some very prominent attacks attributed to this include the WannaCry Ransomware attack which affected thousands of computers in over 150 different countries and the Dark Hotel attacks which targeted high profile guests at luxury hotels in Asia in 2014.
This group has been linked to other threat actor groups such as the Lazarus group. This group is believed to have been behind the 2014 Sony Pictures hack as well as the Reaper Group which has been linked to attack on South Korean targets.
Some tactics and techniques used by Labyrinth Chollima include spear phishing, watering hole attacks and supply chain attacks to gain access to a targets network. They also use custom malware and have been observed using advanced techniques such as steganography to conceal its activity.
This threat group is considered to be sophisticated and a highly capable threat actor that poses a considerable threat to organizations in a range of sectors.
Leave a Reply