TA406

Also known as: TA406

TA406 is engaging in malware distribution, phishing, intelligence collection, and cryptocurrency theft, resulting in a wide range of criminal activities.

🌍 Country North Korea
Government Journalists NGOs

Targeted Victims

China France Germany India Japan North America Russia South Africa South Korea United Kingdom

Introduction

TA406 is engaging in malware distribution, phishing, intelligence collection, and cryptocurrency theft, resulting in a wide range of criminal activities.

Activities and Tactics

Targeted Sectors: Government, Journalists, NGOs

Country of Origin: 🇰🇵 North Korea

Suspected Victims: China, France, Germany, India, Japan, North America, Russia, South Africa, South Korea, United Kingdom

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

Information pending cataloguing.

Attribution and Evidence

Country of Origin: North Korea Additional attribution information pending cataloguing.

References

References pending cataloguing.