APT37 has likely been active since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea. In 2017, APT37 expa...

Threat Actor Profile

APT37

State-sponsored threat group originating from KP. Suspected sponsor: Korea (Democratic People's Republic of). Known to target Government, Private sector. Uses 40 known MITRE ATT&CK techniques.

40 TTPs Mapped 2 Industries Tracked Real-Time Alerts

Actor Overview

Origin Country
KP
Suspected Sponsor
Korea (Democratic People's Republic of)
Known Techniques
40 TTPs

Target Industries

GovernmentPrivate sector

Suspected Victims

Republic of KoreaJapanVietnam

MITRE ATT&CK Techniques

T1204T1548T1548.002T1071T1071.001T1123T1547T1547.001T1059T1059.003T1059.005T1059.006T1555T1555.003T1005 +25 more

Related Threat Reports

Premium
APT Campaign Analysis - Q4 2025Dec 2025
New Tactics Observed in WildDec 2025
Infrastructure Mapping ReportDec 2025
Stay Updated

Get alerts when new intel on APT37 is published.

Actor Details

Primary Name
APT37
Known Aliases
APT 37, Group 123, Group123, InkySquid, Operation Daybreak, Operation Erebus, Reaper Group, Reaper, Red Eyes, Ricochet Chollima, ScarCruft, Venus 121, ATK4, G0067, Moldy Pisces, APT-C-28
Data Source
Precursor Intelligence
Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →