KP

TA444TA444

Also known as: TA444

Origin
KP
Known aliases
1

Profile

TA444 is a North Korea state-sponsored threat actor that primarily focuses on financially motivated operations. They have been active since at least 2017 and have recently shifted their attention to targeting cryptocurrencies. TA444 employs various infection methods and has a diverse range of malware and backdoors at their disposal. They have been attributed to stealing hundreds of millions of dollars' worth of cryptocurrency and related assets.

Aliases· 1

TA444

Compliance frameworks testing this (incoming)1

TypeTargetConfidenceTier
ComplianceControlai_act-art14100%live

References

  1. https://www.proofpoint.com/us/blog/threat-insight/ta444-apt-startup-aimed-at-your-funds
  2. https://cyberscoop.com/north-korean-cryptocurrency-hackers-education-government/
  3. https://www.darkreading.com/remote-workforce/north-korea-apt-swindled-1b-crypto-investors-2022

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
TA406
Actor
APT45
Actor
APT43
Actor
UNC5342
Actor
TA453
Actor
UNC4736
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.