The North Korean threat group, Andariel, has been observed using a variety of malicious tools in their cyberattacks against businesses and organizations in the southern region.
According to a recent report by the AhnLab Security Emergency Response Center (ASEC), one notable aspect of these attacks in 2023 is the frequent use of malware developed in the Go programming language.
Andariel, also recognized as Nicket Hyatt or Silent Chollima, is a sub-group of the Lazarus Group and has been active since at least 2008.
The primary targets of this state-sponsored group include financial institutions, defense contractors, government agencies, universities, cybersecurity companies, and energy firms. They engage in these attacks to support espionage efforts and generate illicit revenue for their country.