CrowdStrike has identified three new cyber adversaries linked to North Korea, emerging from the previously known threat actor LABYRINTH CHOLLIMA.
In a new research report, the cybersecurity firm said LABYRINTH CHOLLIMA has evolved into three distinct but coordinated groups: GOLDEN CHOLLIMA, PRESSURE CHOLLIMA, and a core LABYRINTH CHOLLIMA unit.
Each operates as a separate organizational cell with its own objectives, malware, and operational pace, while sharing infrastructure and tools.
CrowdStrike said GOLDEN CHOLLIMA and PRESSURE CHOLLIMA primarily target cryptocurrency platforms and financial institutions to generate revenue, operating at scale.
Meanwhile, the core LABYRINTH CHOLLIMA group continues to focus on espionage, with attacks aimed at industrial, logistics, and defense-related organizations.
The firm described the shift as a deliberate evolution in DPRK cyber operations, allowing multiple strategic objectives to be pursued in parallel under centralized coordination.
READ MORE TECH NEWS.
