KP

TA406TA406

Also known as: TA406

Origin
KP
Known aliases
1
Target sectors
3

Profile

TA406 is a North Korean-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). Operational targeting focuses on the Government, Journalists, and NGOs sectors. Documented victim organisations include China, France, Germany and 7 other named victims. Original record: TA406 is engaging in malware distribution, phishing, intelligence collection, and cryptocurrency theft, resulting in a wide range of criminal activities.

Aliases· 1

TA406

Target sectors· 3

GovernmentJournalistsNGOs

Known victims· 10

  • China
  • France
  • Germany
  • India
  • Japan
  • North America
  • Russia
  • South Africa
  • South Korea
  • United Kingdom

Compliance frameworks testing this (incoming)3

TypeTargetConfidenceTier
ComplianceControlowasp_llm_top10-llm01100%live
ComplianceControltiber_eu-closure100%live
ComplianceControltiber_eu-generic100%live

References

  1. https://www.proofpoint.com/us/blog/threat-insight/triple-threat-north-korea-aligned-ta406-scams-spies-and-steals
  2. https://www.proofpoint.com/us/blog/threat-insight/ta406-pivots-front

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
TA444
Actor
TA402
Actor
TA459
Actor
APT41
Actor
TA482
Actor
TA453
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.