DarkHotel is a threat actor attributed to KR, also known as Nemin, Higaisa, Nemim. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does DarkHotel exploit?

DarkHotel is known to exploit 4 CVEs. View the full list on the Strobes VI threat actor profile page.

DarkHotel

Also known as: Nemin, Higaisa, Nemim, Pioneer, Dubnium, Fallout Team, Shadow Crane, ATK 52, Purple Pygmy, ATK52, Zigzag Hail, Luder, DUBNIUM, TieOnJoe, Tapaoux, TUNGSTEN BRIDGE, G0126, APT-C-06, Dark Hotel, Karba, CTG-1948, SIG25, Tungsten Bridge, T-APT-02, G0012, TEMPLAR, Egobot, PALADIN, APT-C-60, APT-Q-12

KRInformation theft and espionage

Exploited CVEs

Overview

APT-C-60

Exploited Vulnerabilities

CVE ID	Action
CVE-2018-8174	View Details
CVE-2020-0986	View Details
CVE-2015-8651	View Details
CVE-2015-3113	View Details

Activity Timeline

First Seen

January 1, 2007

Quick Actions

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001