APT38 Research Paper by FireEye + Download

APT38 is a financially motivated North Korean regime-backed group responsible for conducting destructive attacks against financial institutions, as well as some of the world’s largest cyber heists. Based on widely publicized operations alone, the group has attempted to steal more than $1.1 billion.



APT38 Global targeting overview by FireEye

Instead of simply obtaining accesses and moving to transfer funds as quickly as possible, APT38 is believed to operate more similarly to an espionage operation, carefully conducting reconnaissance within compromised financial institutions and balancing financially motivated objectives with learning about internal systems.