NICKEL ACADEMY is an alternate name for the group known as APT38

---

NICKEL ACADEMY is an advanced persistent threat (APT) that has been active since at least 2016 and continues to target various industries, including government agencies, defense contractors, and financial institutions. The group\'s primary focus appears to be on stealing sensitive information related to military operations, weapons systems, and research projects. NICKEL ACADEMY has been linked to several high-profile cyber attacks in recent years, including the 2017 WannaCry ransomware attack that affected hundreds of thousands of computers worldwide. The group is known for its sophisticated tactics and use of advanced malware tools such as POWERSTATIC and MALWARETESOFT.

Techniques, tactics and practices:

NICKEL ACADEMY is a highly sophisticated threat actor that employs various techniques to achieve its objectives. Some of their tactics include:

1. Spear-phishing emails - The group sends targeted phishing emails with malicious attachments or links, often disguised as legitimate messages from trustworthy sources such as government agencies and financial institutions.
2. Social engineering - NICKEL ACADEMY uses social engineering tactics to gain access to sensitive information by manipulating human behavior through psychological tricks like fear-mongering or flattery.
3. Malware distribution - The group distributes malicious software, such as POWERSTATIC and MALWARETESOFT, via email attachments, infected websites, or other means to gain access to their targets\' systems.
4. Remote access tools (RATs) - NICKE