"Targeted Threats Research - South & North Korea (a breakdown of 3 years of threat research in Korea)" published by 0x0v1. #APT37, #CVE-2022-41128, #Kimsuky, #RambleOn, #RokRAT, #UCID902, #DPRK, #CTI https://www.0x0v1.com/targeted-threats-research-south-north-korea/

This research will be discussed at RightsCon 2025: Unveiling North Korea’s cyber threats: safeguarding human rights

Sections:
1. Executive Summary
2. Introduction
3. Methodology
   1. Sample submission
   2. Auditing
   3. Malware analysis
   4. Email Content analysis
   5. Passive DNS & open-source threat intelligence
4. Data Overview
   1. Cluster analysis
   2.

[0x0v1]
We (Interlab) have been tracking a threat actor we classify as #UCID902. This actor is utilising watering hole credential harvesting attacks to target activists related to the advocacy of human rights in the Korean Peninsula.
"UCID902: Uncovering nation state watering hole credential harvesting campaigns targeting human rights activists by APT threat group UCID902" published by InterLab. #UCID902, #CTI, #OSINT, #LAZARUS https://interlab.or.kr/archives/18979
Interlab 인터랩 | Uncovering nation state watering hole credential harvesting campaigns targeting human rights activists by APT threat group UCID902

Interlab is a non-profit organization based in Seoul with a mission to create a resilient digital safety net for the freedom of citizens, providing free digital security consultations, trainings, incident response support and research of cyber threats toward civic society.