xorl %eax, %eax

North Korea (DPRK) Cyber Operations Groups

leave a comment »

After Russia, US and China, here is my mapping of known APT groups with (offensive) cyber operations capabilities from DPRK (commonly referred to as North Korea). As always, please let me know if you notice any mistakes, errors, or missing information since this is supposed to be a live document, updated as soon as new information becomes available.

The sources used are listed below the diagram, similarly to the other cases.

Last update: 28 March 2022



  • Version 2.0 (28 March 2022): Updated based on Mandiant’s research.
  • Version 1.5 (28 April 2021): Added Bureau 325. (credits: @SwitHak)
  • Version 1.0 (24 April 2021): First publication.

Written by xorl

April 24, 2021 at 13:39

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: