← Back to Actors
Andariel
AndarielSilent ChollimaPLUTONIUMOnyx Sleet
[Andariel](https://attack.mitre.org/groups/G0138) is a North Korean state-sponsored threat group that has been active since at least 2009. [Andariel](https://attack.mitre.org/groups/G0138) has primarily focused its operations--which have included destructive attacks--against South Korean government agencies, military organizations, and a variety of domestic companies; they have also conducted cyber financial operations against ATMs, banks, and cryptocurrency exchanges. [Andariel](https://attack.mitre.org/groups/G0138)'s notable activity includes Operation Black Mine, Operation GoldenAxe, and C...
12
Techniques
12
Covered
0
Gaps
100%
Coverage
Coverage12/12
COVERED (12)
T1005Data from Local System47 det.T1027.003Steganography5 det.T1049System Network Connections Discovery22 det.T1057Process Discovery20 det.T1105Ingress Tool Transfer183 det.T1189Drive-by Compromise10 det.T1203Exploitation for Client Execution75 det.T1204.002Malicious File425 det.T1566.001Spearphishing Attachment905 det.T1588.001Malware2 det.T1590.005IP Addresses4 det.T1592.002Software1 det.