Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Also known as: Operation DarkSeoul, Dark Seoul, Hidden Cobra, Hastati Group, Andariel, Unit 121, Bureau 121, NewRomanic Cyber Army Team, Bluenoroff, Subgroup: Bluenoroff, Group 77, Labyrinth Chollima, Operation Troy, Operation GhostSecret, Operation AppleJeus, APT38, APT 38, Stardust Chollima, Whois Hacking Team, Zinc, Appleworm, Nickel Academy, APT-C-26, NICKEL GLADSTONE, COVELLITE, ATK3, G0032, ATK117, G0082, Citrine Sleet, DEV-0139, DEV-1222, Diamond Sleet, ZINC, Sapphire Sleet, COPERNICIUM, TA404, Lazarus group, BeagleBoyz, Moonstone Sleet, Black Artemis, HIDDEN COBRA, Guardians of Peace, NICKEL ACADEMY, Silent Chollima, PLUTONIUM, Onyx Sleet, Storm-1789, CTG-2460, Stressed Pungsan, OperationTroy, Guardian of Peace, GOP, WHOis Team, Subgroup: Andariel, APT45, Stonefly, Jumpy Pisces, Alluring Pisces, TA444, Lazarus, Genie Spider
Since 2009, HIDDEN COBRA actors have leveraged their capabilities to target and compromise a range of victims; some intrusions have resulted in the exfiltration of data while others have been disruptive in nature. Commercial reporting has referred to this activity as Lazarus Group and Guardians of Peace. Tools and capabilities used by HIDDEN COBRA actors include DDoS botnets, keyloggers, remote access tools (RATs), and wiper malware. Variants of malware and tools used by HIDDEN COBRA actors include Destover, Duuzer, and Hangman.
| CVE ID | Action |
|---|---|
| CVE-2022-21894 | View Details |
| CVE-2018-4878 | View Details |
| CVE-2017-0199 | View Details |
| CVE-2024-55591 | View Details |
| CVE-2017-8625 | View Details |
| CVE-2023-42793 | View Details |