Home/ Threat Actors/ AppleJeus

🌐AppleJeus

🌐 AppleJeus is a tracked threat actor in the Clankerusecase corpus. ??-aligned. Primary motivation: State. We map 6 detection use cases to this actor across 2 MITRE ATT&CK techniques, with 0 threat-intel articles citing them.

View full actor card → All threat actors MITRE ATT&CK group spec (G1049) ↗

6Use cases

0Articles

2Techniques

0IOCs

About this actor (MITRE)

[AppleJeus](https://attack.mitre.org/groups/G1049) is a North Korean state-sponsored threat group attributed to the Reconnaissance General Bureau. Associated with the broader [Lazarus Group](https://attack.mitre.org/groups/G0032) umbrella of actors, [AppleJeus](https://attack.mitre.org/groups/G1049) has been active since at least 2018 and is closely aligned in resources with TEMP.hermit, another DPRK-affiliated group under the same umbrella.(Citation: dtex DPRK 2025 structure ITworkers) The group’s primary mission is to generate and launder revenue to provide financial support to the governmen

Known aliases

AppleJeusGleaming PiscesCitrine SleetUNC1720UNC4736

Top techniques

T1566 · Phishing T1657 · Financial Theft

Detection use cases (6)

CrowdStrike Falcon alert ingested MITRE match Microsoft Teams external-tenant chat from unverified IT-helpdesk impersonator MITRE match Gdrive suspicious file sharing MITRE match Gsuite suspicious calendar invite MITRE match Windows InProcServer32 New Outlook Form MITRE match Windows Phishing Outlook Drop Dll In FORM Dir MITRE match