The actor Microsoft tracks as Diamond Sleet is a North Korea-based activity group known to target media, defense, and information technology (IT) industries globally. Diamond Sleet focuses on espionage, theft of personal and corporate data, financial gain, and corporate network destruction. Diamond Sleet is known to use a variety of custom malware that is exclusive to the group, the latest being LambLoad, ForestTiger, RollSling and ZetaNile. Diamond Sleet has also used social networking as the primary delivery vector, delivering spear phishing and drive-by compromises. The group has used zero-day exploits for elevation of privilege and remote code execution. Diamond Sleet is tracked by other security companies as Lazarus, Black Artemis, and Labyrinth Chollima.
Register now to watch the on-demand web seminar featuring Microsoft Digital Defense Report 2024 insights.
Follow Microsoft Security