Security News > 2023 > March > Newly exposed APT43 hacking group targeting US orgs since 2018
Mandiant analysts who disclosed the activities of APT43 for the first time assess with high confidence that the threat actors are state-sponsored, aligning their operational goals with the North Korean government's geopolitical aims.
The researchers have been tracking APT43 since late 2018 but have disclosed more specific details about the threat group only now.
APT43 employs a strategy akin to most North Korean threat groups that operate independently of state funding.
Mandiant has observed APT43 using malicious Android apps that target Chinese users looking to get cryptocurrency loans and instead lose their digital assets to the threat actors.
APT43 has been seen utilizing malware during the COVID-19 pandemic that the Lazarus hacking group also uses, but this overlap was short-lived.
Mandiant expects APT43 to continue to be a highly active threat group unless North Korea shifts national priorities.