| SYMBOL | COMMON_NAME | aka. SYNONYMS |
CryptoCore is a North Korean APT known for targeting cryptocurrency exchanges and financial institutions, employing spear-phishing techniques that lead to LONEJOGGER malware infections. The group has leveraged social engineering tactics, including deepfake technology and hijacked YouTube accounts, to execute sophisticated giveaway scams that deceive victims into sending cryptocurrencies. Their operations have involved the misuse of platforms like Gemini for reconnaissance and the development of fraudulent content. Additionally, CryptoCore has been linked to a variety of campaigns, including Dangerous Password and SnatchCrypto, focusing on financial gain through cryptocurrency theft.
There are currently no families associated with this actor.
| 2025-11-05
⋅
Google
⋅
GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools PromptLock UNC1069 |
| 2023-10-10
⋅
Mandiant
⋅
Assessed Cyber Structure and Alignments of North Korea in 2023 TraderTraitor UNC1069 |