An APT actor that’s been active since at least 2009. This group is believed to be responsible for numerous multifaceted campaigns that include cyberespionage, cyber sabotage, ransomware, and attacks against financial institutions. Originally, the group was focused on carrying out what seemed to be a geopolitical agenda mainly focused on South Korea. However, it has since moved on to global targets and has begun launching attacks for financial gain.