Names | Andariel (FSI) Silent Chollima (CrowdStrike) | |
Country | ![]() | |
Motivation | Information theft and espionage | |
First seen | 2014 | |
Description | A subgroup of Lazarus Group, Hidden Cobra, Labyrinth Chollima. | |
Observed | ||
Tools used | ||
Operations performed | 2014 | Operation “BLACKMINE” Target: South Korean organizations. Method: Information theft and espionage. |
2014 | Operation “GHOSTRAT” Target: Defense industry. Method: Information theft and espionage. | |
2014 | Operation “XEDA” Target: Foreign defense industries. Method: Information theft and espionage. | |
2015 | Operation “INITROY”/Phase 1 Target: South Korean organizations. Method: Information theft/early phase operation. | |
2015 | Operation “DESERTWOLF”/Phase 3 Target: South Korean defense industry. Method: Information theft and espionage. | |
2015 | Operation “BLACKSHEEP”/Phase 3. Target: Defense industry. Method: Information theft and espionage. | |
2016 | Operation “INITROY”/Phase 2 Target: South Korean organizations. Method: Information theft/early phase operation. | |
2016 | Operation “VANXATM” Target: ATM companies. Method: Financial theft/BPC. | |
2017 | Operation “Mayday” Target: South Koran Financial Company. Method: Information theft and espionage. | |
Jun 2018 | Operation “GoldenAxe” <https://blog.trendmicro.com/trendlabs-security-intelligence/new-andariel-reconnaissance-tactics-hint-at-next-targets/> |
Last change to this card: 15 April 2020
Download this actor card in PDF or JSON format
Previous: Lazarus Group, Hidden Cobra, Labyrinth Chollima
Next: Subgroup: BeagleBoyz
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on![]() ![]() |
Report incidents |
|
![]() |
+66 (0)2-123-1234 | |
![]() |
report@thaicert.or.th | |
![]() |
Download PGP key |