Uptime Hamster: 15d 6h 37mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza Opal Sleet

Opal Sleet

0 incidentes 0 paises 0 sectores apt KP Ultimo: -
Aliases: Konni, OSMIUM, Vedalia
Ver en IntelTracker → APTTrail →
Opal Sleet is a North Korea-linked advanced persistent threat (APT) group primarily driven by cyber espionage and data exfiltration, with objectives also encompassing financial gain and disruption of adversarial technological advancements. First documented in 2014, the group is frequently referred to by aliases such as Konni, OSMIUM, Vedalia, TA406, and APT37. Opal Sleet distinguishes itself through its adaptable tactics, including the use of AI-generated PowerShell backdoors and novel exploitation of legitimate services like Google Find Hub for remote device wiping, indicating a continuous evolution in its operational methods.

Aliases del actor

KonniOSMIUMVedalia

Actores similares

apt-onyxsleetactor · 1Moonstone Sleetactor · 1moonstone-sleetactor · 1Pearl Sleetapt · 0Ruby Sleetapt · 0
Tecnicas MITRE
T1041 - Exfiltration Over C2 Channel, T1123 - Audio Capture, T1071.001 - Web Protocols, T1204.002 - Malicious File, T1106 - Native API, T1564 - Hide Artifacts
CVEs relacionadas
CVE-2025-8088, CVE-2025-6218, CVE-2024-21412, CVE-2023-38831, CVE-2023-36025
Tipo
apt
Pais origen
KP
Motivacion
-
Impacto
40
Actualizado
Sat, 03 Fe

Sectores objetivo (SOCRadar)

FinancePublic AdministrationTelecommunicationsSpace & DefenseNational Security&International AffairsInternet PublishingCryptoCurrency & NFTGrantmaking and Giving ServicesNational Security and International AffairsComputer Systems Design and Related Services