Threat Intelligence Report

NICKEL ALLEY strategy: Fake it ‘til you make it

📅 March 23, 2026 📰 www.sophos.com 🔍 0 CVE(s) referenced

North Korea-linked threat group NICKEL ALLEY is aggressively targeting software developers with sophisticated fake job schemes, fraudulent companies, and malicious code repositories to deploy custom malware and steal cryptocurrency, while also seeking opportunities for broader supply chain compromise and corporate espionage.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle