Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Long-running North Korea threat group splits into 3 distinct operations

Summary by CyberScoop
A North Korea-backed threat group operating since 2009 has splintered into three distinct groups with specialized malware and objectives, CrowdStrike said in a report released Thursday. Labeled “Labyrinth Chollima” by the company, the group follows a divergence pattern CrowdStrike observed previously. Labyrinth Chollima has spawned two additional groups: Golden Chollima and Pressure Chollima. The spin-offs, which have been operating since 2020, …

7 Articles

CyberScoopCyberScoop
Center

Long-running North Korea threat group splits into 3 distinct operations

A North Korea-backed threat group operating since 2009 has splintered into three distinct groups with specialized malware and objectives, CrowdStrike said in a report released Thursday. Labeled “Labyrinth Chollima” by the company, the group follows a divergence pattern CrowdStrike observed previously. Labyrinth Chollima has spawned two additional groups: Golden Chollima and Pressure Chollima. The spin-offs, which have been operating since 2020, …

Read Full Article
CFOtech AustraliaCFOtech Australia
+2 Reposted by 2 other sources

CrowdStrike splits LABYRINTH CHOLLIMA into three units

CrowdStrike has split North Korea-linked LABYRINTH CHOLLIMA into three units, two for crypto theft and one for industrial espionage.

Read Full Article
MASSIVE.NEWSMASSIVE.NEWS

LABYRINTH CHOLLIMA Evolves into Three Adversaries

GOLDEN CHOLLIMA GOLDEN CHOLLIMA targets economically developed regions with significant cryptocurrency and fintech presence, including the U.S., Canada, South Korea, India, and Western Europe. The adversary typically conducts smaller-value thefts at a more consistent operational tempo, suggesting responsibility for ensuring baseline revenue generation for the DPRK regime.  The adversary’s malware originates with Jeus in 2018 (and its macOS varia…

Read Full Article
Global Security Mag OnlineGlobal Security Mag Online
Reposted by
Global Security Mag OnlineGlobal Security Mag Online

Crowdstrike Identifies Three New North Korean Opponents From Labyrinth Chollima

CrowdStrike unveils new analyses revealing that North Korean actor LABYRINTH CHOLLIMA (DPRK-Nexus) has evolved to give birth to three new, distinct and highly specialized actors: GOLDEN CHOLLIMA, PRESSURE CHOLLIMA and the central group LABYRINTH CHOLLIMA. Analyses show that these actors now operate as separate organisational entities, with distinct objectives, malware and operational tempos, while remaining coordinated through shared infrastruct…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

CyberScoop broke the news in on Thursday, January 29, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Cyberattacks icon

Cyberattacks

CrowdStrike icon

CrowdStrike

Cryptocurrency icon

Cryptocurrency

North Korea icon

North Korea

Australia icon

Australia

Business & Markets icon

Business & Markets

Cybersecurity icon

Cybersecurity

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal