TA444  (Back to overview)

TA444 is a North Korea state-sponsored threat actor that primarily focuses on financially motivated operations. They have been active since at least 2017 and have recently shifted their attention to targeting cryptocurrencies. TA444 employs various infection methods and has a diverse range of malware and backdoors at their disposal. They have been attributed to stealing hundreds of millions of dollars' worth of cryptocurrency and related assets.

Associated Families

There are currently no families associated with this actor.

2023-01-25ProofpointGreg Lesnewich, Proofpoint Threat Research Team
TA444: The APT Startup Aimed at Acquisition (of Your Funds)
CageyChameleon Lazarus Group TA444

Credits: MISP Project