Apt38 — Threat Actor Profile, Campaigns & Targets

Threat entity extracted from intelligence sources

Frequency
25
occurrences
First Seen
October 31, 2025
Last Seen
June 22, 2026

Apt38 is a apt_group tracked across 12 threat clusters and 25 intelligence report mentions on ThreatCluster. First observed October 31, 2025; most recent activity June 22, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Microsoft Attributes Mastra AI Supply Chain Attack to North Korea — Infosecurity-Magazine · June 22, 2026
  • SOC Prime: Detect Lazarus Attacks Using Three New RATs — socprime.com · May 26, 2026
  • T1505.003 Web Shell — attack.mitre.org · May 13, 2026
  • T1685: Disable or Modify Tools — attack.mitre.org · April 28, 2026
  • T1082 — attack.mitre.org · April 24, 2026
  • T1005 — attack.mitre.org · April 22, 2026
  • T1083 — attack.mitre.org · April 22, 2026
  • LayerZero Pins $292M KelpDAO Bridge Hack on North Korea's Lazarus Group — Decrypt.Co · April 20, 2026

CVSS v3.1 Breakdown