2026-02-16 –, Auditorium
AppleJeus, also known as Citrine Sleet, Gleaming Pisces, and Smooth Operator, is the North Korean hacker behind the Radiant Capital heist among others. This is the story of finding a previously undiscovered AppleJeus campaign targeting fintech. This talk will also give some background on North Korean hacking groups, show simple pivoting for analysts, and give recommendations to help protect your organization from North Korean threat actors.
This talk will have a little bit of everything! Collaboration between different North Korean hacking groups! Involvement in hacking by North Korean IT workers! Activity across platforms including GitHub, NPM, PyPI, Twitter, and Discord!
Daniel Gordon has over a decade of experience hunting, researching, tracking, and stopping North Korean hacking groups across both public and private sector. He has a bunch of degrees and certifications, and has published blogs for DarkReading, War on the Rocks, and Risky.biz and given talks on North Korean hacking at SleuthCon and FTSCon.