UNC4736 is a threat actor attributed to KP, also known as UNC4736, Gleaming Pisces, UNC1720. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does UNC4736 exploit?

UNC4736 is known to exploit 1 CVEs. View the full list on the Strobes VI threat actor profile page.

UNC4736

Also known as: UNC4736, Gleaming Pisces, UNC1720, Citrine Sleet

KPFinancial Gain

Exploited CVEs

Overview

UNC4736 is a North Korean threat actor that has been involved in supply chain attacks targeting software chains of 3CX and X_TRADER. They have used malware strains such as TAXHAUL, Coldcat, and VEILEDSIGNAL to compromise Windows and macOS systems. UNC4736 has been linked to financially motivated cybercrime operations, particularly focused on cryptocurrency and fintech-related services. They have also demonstrated infrastructure overlap with other North Korean and APT43 activity.

Exploited Vulnerabilities

CVE ID	Action
CVE-2022-0609	View Details

Quick Actions

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001