Getting To Know APT38
APT38 is an active threat to financial institutions all around the world due to methods and technologies being deployed by the North Korean regime-backed group, according to Sandra Joyce, VP and head of global intelligence operations for Milpitas, Calif.-based FireEye.
"This is a very insidious group," Joyce said at the FireEye Cyber Defense Summit in Washington D.C. "They will destroy networks and steal millions and millions of dollars."
Instead of simply obtaining access to financial institutions and moving to transfer funds as quickly as possible, APT38 operates more like an espionage operation, conducting reconnaissance within compromised financial institutions to learn about their internal systems. The group has compromised more than 16 organizations in at least 11 different countries since beginning to focus on banks in 2014.
Here's a look at five things that make APT38 so dangerous.