Five Steps for Frontier AI Security Readiness Download

Stardust Chollima

Discover the adversaries targeting your industry

Back to Adversary Universe
chollimaalt

STARDUST CHOLLIMA is a Democratic People’s Republic of Korea (DPRK)-nexus adversary that has been active operationally since at least 2015 and is affiliated with large-scale currency generation operations. CrowdStrike Intelligence assesses that STARDUST CHOLLIMA likely represents an element of Bureau 121 of the DPRK’s Reconnaissance General Bureau (RGB) based on public disclosures by the U.S. gove...

  • Stardust Chollima

  • North Korea, East Asia, Asia

Community Identifiers

BeagleBoyz, CageyChameleon, CryptoMimic, Leery Turtle, TAG-71, APT38, Lazarus Group, HIDDEN COBRA, CryptoCore, COPERNICIUM, Alluring Pisces, Bluenoroff, Dangerous Password, Sapphire Sleet, UNC1069, TA444

Objective

Financial Gain, Intelligence Gathering

Motivation

State-Sponsored, Criminal

Contact sales

Thank you for your request!

A member of our team will be in touch shortly

Contact our team about IOCs for this adversary

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.
Contact us
Adversaries Map

Who's targeting your industry?

Today's adversaries are faster, smarter, and better resourced. Know who they are and how to stop them.

View adversaries
Threat Hunting report spread

CrowdStrike 2025 Threat Hunting Report


Adversaries weaponize and target AI at scale.
Learn more