CN

Operation Shadow ForceOperation Shadow Force

Also known as: TA-ShadowCricket · Larva-24013 · Operation Shadow Force

Origin
CN
Known aliases
3

Profile

Operation Shadow Force is a group of malware that is representative of Shadow Force and Wgdrop from 2013 to 2020, and is a group activity that attacks Korean companies and organizations. The group's first confirmed attack was in March 2013, but considering the date of malware creation, it is likely to have been active before 2012. Since the malware used mainly by them is Shadow Force, it was named Operation Shadow Force, and it has not been confirmed whether the attacker is associated with a known group.

Aliases· 3

TA-ShadowCricketLarva-24013Operation Shadow Force

References

  1. https://www.ahnlab.com/kr/site/securityinfo/secunews/secuNewsView.do?curPage=1&menu_dist=2&seq=29129
  2. https://mobile.twitter.com/mstoned7/status/1247361687570673664
  3. https://www.ahnlab.com/en/contents/content-center/35891
  4. https://asec.ahnlab.com/en/52479/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Dust Storm
Actor
APT37
Actor
Lazarus Group
Campaign
Operation Ghost
Actor
APT45
Campaign
Operation Honeybee
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.