Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Also known as: Operation DarkSeoul, Dark Seoul, Hidden Cobra, Hastati Group, Andariel, Unit 121, Bureau 121, NewRomanic Cyber Army Team, Bluenoroff, Subgroup: Bluenoroff, Group 77, Labyrinth Chollima, Operation Troy, Operation GhostSecret, Operation AppleJeus, APT38, APT 38, Stardust Chollima, Whois Hacking Team, Zinc, Appleworm, Nickel Academy, APT-C-26, NICKEL GLADSTONE, COVELLITE, ATK3, G0032, ATK117, G0082, Citrine Sleet, DEV-0139, DEV-1222, Diamond Sleet, ZINC, Sapphire Sleet, COPERNICIUM, TA404, Lazarus group, BeagleBoyz, Moonstone Sleet, Black Artemis, HIDDEN COBRA, Guardians of Peace, NICKEL ACADEMY, Silent Chollima, PLUTONIUM, Onyx Sleet, Storm-1789, CTG-2460, Stressed Pungsan, Lazarus, Genie Spider, OperationTroy, Guardian of Peace, GOP, WHOis Team, Subgroup: Andariel, APT45, Stonefly, Jumpy Pisces, Alluring Pisces, TA444, UNC1069, CageyChameleon, CryptoCore, MASAN
CryptoCore is a North Korean APT known for targeting cryptocurrency exchanges and financial institutions, employing spear-phishing techniques that lead to LONEJOGGER malware infections. The group has leveraged social engineering tactics, including deepfake technology and hijacked YouTube accounts, to execute sophisticated giveaway scams that deceive victims into sending cryptocurrencies. Their operations have involved the misuse of platforms like Gemini for reconnaissance and the development of fraudulent content. Additionally, CryptoCore has been linked to a variety of campaigns, including Dangerous Password and SnatchCrypto, focusing on financial gain through cryptocurrency theft.
| CVE ID | Action |
|---|---|
| CVE-2018-4878 | View Details |
| CVE-2022-21894 | View Details |
| CVE-2017-0199 | View Details |
| CVE-2024-55591 | View Details |
| CVE-2017-8625 | View Details |
| CVE-2023-42793 | View Details |