https://www.fireeye.com/blog/threat-research/2018/10/apt38-details-on-new-north-korean-regime-backed-threat-group.htmlInteresting, destructive attack targeting financial sectors.
---
We attribute APT38 to North Korean state-sponsored operators based on a combination of technical indicators
linking the activity to Pyongyang and details released by DOJ implicating North Korean national Park Jin Hyok
in a criminal conspiracy. We assess with high confidence that these activities were directed and sponsored by
the North Korean government. Because the North Korean regime keeps strict control over communications and
internet infrastructure in the country, it is highly improbable that these operations could be conducted without
the knowledge or explicit sponsorship of the government.
- Un-usual Suspects