LABYRINTH CHOLLIMA Evolves into Three Adversaries
ID: 7bd29337-2d04-52f1-9369-7139b124e39f
STIX ID: report--7bd29337-2d04-52f1-9369-7139b124e39f
Feed Name: Crowdstrike Blog
CrowdStrike Intelligence profiles three distinct DPRK cyber units: GOLDEN (steady crypto/fintech theft), PRESSURE (high-value crypto heists), and LABYRINTH (espionage). The report details their specialized malware families (e.g., Jeus/AppleJeus, FudModule, SnakeBaker), use of zero-day exploits, cloud pivots, supply-chain compromises, and employment-themed social engineering targeting fintech, crypto, defense, manufacturing, and logistics, and warns organizations in these sectors to heighten vigilance for trojanized software, malicious Node.js/Python packages, and messaging-based lures.
