Cyber Resilience

Threat actor · all actors

APT38G0082 state

🇰🇵 KP · RGB

aka APT38, NICKEL GLADSTONE, BeagleBoyz, Bluenoroff, Stardust Chollima, Sapphire Sleet, COPERNICIUM

Last updated: 2026-07-03

2attributed CVEs
77ATT&CK techniques
5.5IDF score (tooling uniqueness)
1exclusive CVEs
2016–2026years active

About this actor

[APT38](https://attack.mitre.org/groups/G0082) is a North Korean state-sponsored threat group that specializes in financial cyber operations; it has been attributed to the Reconnaissance General Bureau.(Citation: CISA AA20-239A BeagleBoyz August 2020) Active since at least 2014, [APT38](https://attack.mitre.org/groups/G0082) has targeted banks, financial institutions, casinos, cryptocurrency exchanges, SWIFT system endpoints, and ATMs in at least 38 countries worldwide. Significant operations include the 2016 Bank of Bangladesh heist, during which [APT38](https://attack.mitre.org/groups/G0082) stole $81 million, as well as attacks against Bancomext (Citation: FireEye APT38 Oct 2018) and Banco de Chile (Citation: FireEye APT38 Oct 2018); some of their attacks have been destructive.(Citation: CISA AA20-239A BeagleBoyz August 2020)(Citation: FireEye APT38 Oct 2018)(Citation: DOJ North Korea Indictment Feb 2021)(Citation: Kaspersky Lazarus Under The Hood Blog 2017) North Korean group definitions are known to have significant overlap, and some security researchers report all North Korean state-sponsored cyber activity under the name [Lazarus Group](https://attack.mitre.org/groups/G0032) instead of tracking clusters or subgroups.

Source: MITRE ATT&CK

Activity timeline

Profile

CVERiskCVSSEPSSPublishedProducts
CVE-2016-4119 7.09.80.03962016-08-26see CVE
CVE-2026-20929 5.57.50.01142026-01-13see CVE

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-451 / 7766%
CM-247 / 7761%
CM-644 / 7757%
AC-335 / 7745%
SI-335 / 7745%
AC-634 / 7744%
SI-734 / 7744%
CM-730 / 7739%
AC-227 / 7735%
CA-727 / 7735%
AC-521 / 7727%
CM-518 / 7723%
IA-218 / 7723%
RA-515 / 7719%
SI-215 / 7719%

Co-occurring actors

Similar actors

Overlapping CVEs