North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT as part of attacks targeting specific individuals in the Asia region in summer 2023. The malware could, “aside from standard RAT functionality, change the last write timestamp of a selected […]

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation Blacksmith, noting the use of […]

North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

Threat actors from the Democratic People’s Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. “Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from […]

N. Korean Lazarus Group Targets Software Vendor Using Known Flaws

The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used […]

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job. “The threat actor tricks job seekers on social media into opening malicious […]

Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm

The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta. “Employees of the targeted company were contacted by a fake recruiter via LinkedIn and tricked into opening […]

Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware

The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called QuiteRAT. Targets include internet backbone infrastructure and healthcare entities in Europe and the U.S., cybersecurity company Cisco Talos said in a two-part analysis […]

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware

The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency Response Center (ASEC), which detailed the advanced persistent threat’s (APT) continued abuse of DLL side-loading techniques to run arbitrary […]

Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job

The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users. The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job, ESET said in a new report published today. The findings are crucial, not least because it […]

Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete files; execute PowerShell commands; and obtain comprehensive information about the underlying […]

Virustotal uploaded 11 Malware related to Lazarus Group

The US Cyber Command has uploaded 11 malware samples related to the North Korean Lazarus Group. While investigating several samples, US Cyber Command found that they belong to the HOPLIGHT trojan. This trojan is designed to gather information about the victim's computer. According to ethical hacking researcher of international institute of cyber security […]

Lazarus Group’s AppleJeus MacOS malware targeting cryptocurrency exchanges

Lazarus Group is believed to be backed by the North Korean government, and it is now using the AppleJeus macOS malware. Security researchers from the Global Research and Analysis Team at Kaspersky Lab have discovered the first-ever malware deployed by Lazarus for macOS. It is reported that Lazarus has launched a new hacking campaign using AppleJeus malware. The group […]

Lazarus Group launches Mac malware for the first time

The malware has been spread through a cryptocurrency exchange hack. Lazarus Group, the North Korean hacker group responsible for the attack on Sony films a few years ago, has launched its first malware for Mac, according to cyber security organization specialists from the International Institute of Cyber Security. In a recently published report, researchers reported that Lazarus […]

Lazarus Group is back, targeting Banks & Bitcoin users with phishing scam

The IT security researchers at McAfee have discovered that the Lazarus Group, aka Hidden Cobra, is back in action, busy targeting global banking giants and unsuspecting Bitcoin users with a new sophisticated phishing campaign. Who is Lazarus Group? If you are not familiar with who Lazarus Group are, they are a group of well-trained cybercriminals who according to […]

Lazarus group conducting malware attacks to steal Bitcoins

Bitcoin’s price set a new record on Saturday when it reached USD 19,000 apiece, and it looks like North Korea is trying to take full advantage of it. According to security researchers at SecureWorks, the infamous Lazarus group, known for its links with the North Korean government, has been busy targeting cryptocurrency platforms by conducting a spearphishing campaign. Lazarus was […]

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. “[RustBucket] communicates with command and control (C2) servers to download and execute various payloads,” Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week. The Apple device management company […]

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent attacks have also targeted automotive, academic, and defense sectors in […]

Operation Sharpshooter – Researchers Linked the Global Campaign to Lazarus Hacker Group

Security researchers from McAfee linked the global campaign dubbed Operation Sharpshooter to the infamous Lazarus Hacker Group. The Sharpshooter campaign primarily targets financial services, government, and critical infrastructure. The campaign was first identified in 2018, but according to the new analysis report, the campaign started as early as September 2017. Attackers target a broader set of […]

Lazarus APT Group Attack Cryptocurrency Exchange using macOS Malware Under the Operation AppleJeus

A cyber espionage APT group called Lazarus is hitting cryptocurrency exchanges using a fake installer and macOS malware, along with various sophisticated techniques. The Lazarus group is widely known for cyber attacks against various financial institutions, and it has successfully compromised several banks and other financial sectors. In this case, the attackers are targeting various platforms and developing malware based on […]

North Korean Hacking Group “Lazarus” Targeting Banks & Bitcoin Users Via Sophisticated Malware

A new malware campaign dubbed HaoBao, distributed by the North Korean hacking group “Lazarus”, specifically targets cryptocurrency and financial organizations via sophisticated cyber attacks. The North Korean hacking group Lazarus was actively spreading a huge number of spearphishing emails and targeting many individuals at the beginning of 2017. Last year this campaign was heavily targeted military program insight or steal […]