| SYMBOL | COMMON_NAME | aka. SYNONYMS |
TraderTraitor targets blockchain companies through spear-phishing messages. The group sends these messages to employees, particularly those in system administration or software development roles, on various communication platforms, intended to gain access to these start-up and high-tech companies. TraderTraitor may be the work of operators previously responsible for APT38 activity.
| 2025-07-28
⋅
Wiz.io
⋅
TraderTraitor: Deep Dive GolangGhost Manuscrypt RN Stealer DRATzarus GolangGhost PostNapTea Volgmer wAgentTea |
| 2025-04-14
⋅
Palo Alto Networks Unit 42
⋅
Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware RN Stealer |
| 2024-06-12
⋅
Google
⋅
Insights on Cyber Threats Targeting Users and Enterprises in Brazil TraderTraitor |
| 2023-10-10
⋅
Mandiant
⋅
Assessed Cyber Structure and Alignments of North Korea in 2023 TraderTraitor |
| 2023-07-24
⋅
Mandiant
⋅
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack FULLHOUSE STRATOFEAR TraderTraitor |
| 2022-04-20
⋅
CISA
⋅
TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies Bankshot TraderTraitor |