Search OpenSanctions

Bluenoroff

Export controlled · Sanctioned entity

Bluenoroff is subject to sanctions. See the individual program listings below.

Type	Organization				[sources]
Name	Bluenoroff · Stardust Chollima · ブルーノロフ				[sources]
Alias	BlueNoroff				[sources]
Weak alias	APT 38 · APT38 · Stardust Chollima				[sources]
Legal form	not available				[sources]
Country	North Korea				[sources]
Description	North Korean cybercrime group controlled by the Reconnaissance General Bureau (RGB; KPe.031).				[sources]
Unique Entity ID	`N8Y9W2MA9LD5`				[sources]
Status	not available				[sources]
Address	Korea, North · 北朝鮮				[sources]
Source link	home.treasury.gov · sanctionssearch.ofac.treas.gov				[sources]
Last change	2025-11-19	Last processed	2025-11-20	First seen	2023-04-20

Descriptions

Stardust Chollima; APT 38; APT38

— Japan Economic Sanctions and List of Eligible People, 2023-09-01

スターダスト・チョルリマ；エー・ピー・ティー３８

— Japan Economic Sanctions and List of Eligible People, 2023-09-01

According to Annex 59 of the UN Panel of Experts March 2024 Report, the DPRK cyber actors BlueNoroff and TA444 have overlaps.

— DPRK Reports non-official source, 2024-05-02

Relationships

Sanctions
Country	Authority	Program	Start date	End date
Japan	Ministry of Finance		2023-09-01	-

Address
Full address	Country
北朝鮮	North Korea

Documents
Document	Date
Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups	2019-09-13

Linked from
Subject	Role	Start date	End date
TA444	TA444 "overlaps" with Bluenoroff, aka Stardust Chollima	-	-
Third Bureau of the Reconnaissance General Bureau	Stardust Chollima is reported to be included in the Third Bureau of the Reconnaissance General Bureau

Linked to
Object	Role	Start date	End date
Lazarus Group Financial crime · Export controlled · Sanctioned entity	BlueNoroff (Stardust Chollima) is a subgroup of the Lazarus Group	-	-

Data sources

Japan Economic Sanctions and List of Eligible People3,965

Sanctions imposed by Japan under its Foreign Exchange and Foreign Trade Law.

Japan · MoF

Taiwan Strategic High-Tech Commodities Entity List9,823

Entities subject to export restrictions due to concerns about the end-use or end-users, particularly relating to weapons of mass destruction (WMD) or other military applications.

Taiwan · MOEA

US Trade Consolidated Screening List (CSL)23,387

The Consolidated Screening List (CSL) is a list of parties for which the United States Government maintains restrictions on certain exports, re-exports, or transfers of items.

United States · ITA

US OFAC Specially Designated Nationals (SDN) List35,452

The primary United States' sanctions list, specially designated nationals (SDN) part.

United States · OFAC

US SAM Procurement Exclusions105,660

A database of suppliers who have been excluded from participating in US federal procurement.

United States · GSA

DPRK Reports5,501

A database of entities and events related to North Korea's sanctions evasion efforts.

United Kingdom · RUSI · non-official source

External databases

The record has been enriched with data from the following external databases:

US OFAC Press Releases7,318

US OFAC press releases that provide context and details related to sanctioned entities.

External dataset · United States · OFAC

Source data IDs: ofac-pr-d87aa7e96c914338962df6806f02eb0c5d107a88 · tw-shtc-eff1b85a4372dd0c807b8826535dbe9b3257cd2f · ja-mof-011e83f4995a3526bea80a7641d14967cbe00581 · ofac-27308 · usgsa-s4mr9rtm1 · kprusi-3ab4e91c981e0d769c50009746be35b430636624

For experts: raw data explorer

Factsheet Descriptions Data sources

OpenSanctions is free for non-commercial users. Businesses must acquire a data license to use the dataset.

Use the API License in bulk