APT37 is a threat actor attributed to KP, also known as APT 37, Group 123, Group123. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does APT37 exploit?

APT37 is known to exploit 7 CVEs. View the full list on the Strobes VI threat actor profile page.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

APT37

Also known as: APT 37, Group 123, Group123, InkySquid, Operation Daybreak, Operation Erebus, Reaper Group, Reaper, Red Eyes, Ricochet Chollima, ScarCruft, Venus 121, ATK4, G0067, Moldy Pisces, APT-C-28, TEMP.Reaper, TA-RedAnt, RedEyes

KPCyber Espionage

Exploited CVEs

Overview

APT37 has likely been active since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea. In 2017, APT37 expanded its targeting beyond the Korean peninsula to include Japan, Vietnam and the Middle East, and to a wider range of industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive and healthcare entities

Exploited Vulnerabilities

CVE ID	Action
CVE-2016-4117	View Details