← Back to Actors
Andariel
AndarielSilent ChollimaPLUTONIUMOnyx Sleet
[Andariel](https://attack.mitre.org/groups/G0138) is a North Korean state-sponsored threat group that has been active since at least 2009. [Andariel](https://attack.mitre.org/groups/G0138) has primarily focused its operations--which have included destructive attacks--against South Korean government agencies, military organizations, and a variety of domestic companies; they have also conducted cyber financial operations against ATMs, banks, and cryptocurrency exchanges. [Andariel](https://attack.mitre.org/groups/G0138)'s notable activity includes Operation Black Mine, Operation GoldenAxe, and C...
12
Techniques
11
Covered
1
Gaps
92%
Coverage
Coverage11/12
GAPS (1)
COVERED (11)
T1005Data from Local System46 det.T1027.003Steganography5 det.T1049System Network Connections Discovery21 det.T1057Process Discovery18 det.T1105Ingress Tool Transfer170 det.T1189Drive-by Compromise10 det.T1203Exploitation for Client Execution71 det.T1204.002Malicious File397 det.T1566.001Spearphishing Attachment850 det.T1588.001Malware2 det.T1590.005IP Addresses4 det.