The Andariel Unit is a unit of the North Korean Military Intelligence.[^1] It is suspected to be a subgroup of the Lazarus group that targets South Korean organizations and businesses.[^1] Andariel was first noticed around 2015.[^2] They developed unique malware to hack online gambling sites.[^2] The unit infiltrated the personal computer of the South Korean Defense Minister to extract military operations intelligence.[^2] Other aliases of this organization are “Hidden Cobra”, and “Onyx Sleet”.[^3] This unit conducts cyberespionage and ransomware attacks.[^3]
XEDA - targeted foreign defense industries
INITROY
VANXATM
111224CyberThreatSnapshot[^1]
#TreasurySanctionsNorth2024[^2]
#hreatAssessmentNorth[^3]