G0126

G0126Higaisa

Description

[Higaisa](https://attack.mitre.org/groups/G0126) is a threat group suspected to have South Korean origins. [Higaisa](https://attack.mitre.org/groups/G0126) has targeted government, public, and trade organizations in North Korea; however, they have also carried out attacks in China, Japan, Russia, Poland, and other nations. [Higaisa](https://attack.mitre.org/groups/G0126) was first disclosed in early 2019 but is assessed to have operated as early as 2009.(Citation: Malwarebytes Higaisa 2020)(Citation: Zscaler Higaisa 2020)(Citation: PTSecurity Higaisa 2020)

References

  1. https://attack.mitre.org/groups/G0126
  2. https://blog.malwarebytes.com/threat-analysis/2020/06/higaisa/
  3. https://www.zscaler.com/blogs/security-research/return-higaisa-apt
  4. https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/covid-19-and-new-year-greetings-the-higaisa-group/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
Darkhotel
Group
Dust Storm
Group
Gelsemium
Group
APT37
Group
APT16
Group
Confucius
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.