TraderTraitor (Threat Actor)

SYMBOL	COMMON_NAME	aka. SYNONYMS

TraderTraitor (Back to overview)

aka: Jade Sleet, UNC4899

TraderTraitor targets blockchain companies through spear-phishing messages. The group sends these messages to employees, particularly those in system administration or software development roles, on various communication platforms, intended to gain access to these start-up and high-tech companies. TraderTraitor may be the work of operators previously responsible for APT38 activity.

Associated Families

There are currently no families associated with this actor.

References

2023-10-10 ⋅ Mandiant ⋅ Adrian Hernandez, Austin Larsen, JEFF JOHNSON, Michael Barnhart, Michelle Cantos, Taylor Long
Assessed Cyber Structure and Alignments of North Korea in 2023
TraderTraitor

2023-07-24 ⋅ Mandiant ⋅ Austin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor

2022-04-20 ⋅ CISA ⋅ CISA
TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Bankshot TraderTraitor

Credits: MISP Project