Cyber Resilience

Threat actor · all actors

HigaisaG0126 unknown

aka Higaisa

Last updated: 2026-07-03

0attributed CVEs
41ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[Higaisa](https://attack.mitre.org/groups/G0126) is a threat group suspected to have South Korean origins. [Higaisa](https://attack.mitre.org/groups/G0126) has targeted government, public, and trade organizations in North Korea; however, they have also carried out attacks in China, Japan, Russia, Poland, and other nations. [Higaisa](https://attack.mitre.org/groups/G0126) was first disclosed in early 2019 but is assessed to have operated as early as 2009.(Citation: Malwarebytes Higaisa 2020)(Citation: Zscaler Higaisa 2020)(Citation: PTSecurity Higaisa 2020)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-427 / 4166%
CM-225 / 4161%
CM-625 / 4161%
SI-325 / 4161%
CA-720 / 4149%
CM-720 / 4149%
AC-416 / 4139%
SC-715 / 4137%
SI-713 / 4132%
SI-1012 / 4129%
AC-311 / 4127%
AC-611 / 4127%
SI-210 / 4124%
AC-29 / 4122%
RA-58 / 4120%

Co-occurring actors

None.

Similar actors