December 2025 APT Group Trends
Key APT Group Trends by Region 1) North Korea North Korean state‑sponsored threat groups have increasingly relied on fake IT employment schemes, actively exploiting legitimate hiring platforms and fabricated identities to infiltrate corporate environments. These actors frequently take advantage of remote‑work infrastructures to obtain elevated access and
November 2025 APT Group Trends
Trends of Key APT Groups by Region 1) North Korea The attack techniques of threat actors suspected to be based in North Korea are continuously evolving. In the case of malware distribution, threat actors are increasingly using a JSON-based cloud storage service instead of traditional email attachments or
October 2025 APT Group Trends
Trends of Key APT Groups by Region 1) North Korea North Korea-affiliated cyber threat groups have stolen cryptocurrency, credentials, and performed reconnaissance and remote control attacks through various malware and operations. They used Node.js-based malware and a multi-stage infection chain to target both Windows and macOS environments. Through their
September 2025 APT Group Trends
Trends of Key APT Groups by Region 1) North Korea North Korea-linked APT groups have been intensively carrying out advanced spear-phishing and remote access attacks against the defense, military, and cryptocurrency sectors in South Korea. They have also introduced a new psychological deception technique using generative AI and
August 2025 Threat Trend Report on APT Groups
Purpose and Scope This report covers nation-led threat groups, presumed to conduct cyber espionage or sabotage supported by certain governments. These groups are referred to as advanced persistent threat (APT) groups for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming to gain financial
July 2025 Major APT Group Trends
Purpose and Scope This report covers nation-led threat groups, presumed to conduct cyber espionage or sabotage supported by certain governments. These groups are referred to as advanced persistent threat (APT) groups for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming to gain financial
Mobile Security & Malware Issue 2st Week of August, 2025
ASEC Blog publishes “Mobile Security & Malware Issue 2st Week of August, 2025”
Threat Trend Report on APT Groups – June 2025 Major APT Group Trends
Purpose and Scope This report covers nation-led threat groups, presumed to conduct cyber espionage or sabotage supported by certain governments. These groups are referred to as advanced persistent threat (APT) groups for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming to gain financial
April 2025 APT Group Trends
Trends of major APT groups by country 1) North Korea Since November 2024, the North Korean APT group has been exploiting the vulnerability of South Korean Internet financial security software. Similar attacks have been carried out in the past, and the threat actors have been launching attacks
Analysis of Lazarus Group’s Attack on Windows Web Servers
AhnLab SEcurity intelligence Center (ASEC) has identified attack cases of the Lazarus group breaching a normal server and using it as a C2. Attacks that install a web shell and C2 script on South Korean web servers continue to occur. Additionally, there are cases where LazarLoader malware and privilege escalation
