CyberSecurityBoard
Sponsor Register Login

Lazarus Group

Lazarus Group is a North Korean state-sponsored cyber threat group that has been attributed to the Reconnaissance General Bureau. The group has been active since at least 2009 and was reportedly responsible for the November 2014 destructive wiper attack against Sony Pictures Entertainment as part of a campaign named Operation Blockbuster by Novetta. Malware used by Lazarus Group correlates to other reported campaigns, including Operation Flame, Operation 1Mission, Operation Troy, DarkSeoul, and Ten Days of Rain. North Korean group definitions are known to have significant overlap, and some security researchers report all North Korean state-sponsored cyber activity under the name Lazarus Group instead of tracking clusters or subgroups, such as Andariel, APT37, APT38, and Kimsuky.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to Lazarus Group

Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com Lazarus Group
Lazarus hackers drop new RAT malware using 2-year-old Log4j bug - The new malware are two remote access trojans named NineRAT and DLRAT and a malware downloader named BottomLoader. The D programming language is rarely seen in cybercrime operations, so Lazarus probably chose it for new malware development to evade ...
1 year ago Bleepingcomputer.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
5 months ago Securelist.com
North Korean hackers exploit critical TeamCity flaw to breach networks - Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. In September, TeamCity fixed a critical ...
1 year ago Bleepingcomputer.com CVE-2023-42793 Andariel
UK, ROK sound alarm over North Korean supply chain attacks The Register - The national cybersecurity organizations of the UK and the Republic of Korea have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks. "In an increasingly digital and interconnected ...
1 year ago Theregister.com Lazarus Group
North Korean Hackers Developing Malware in Dlang Programming Language - The North Korea-linked hacking group Lazarus has been observed deploying Dlang malware in attacks against organizations in the manufacturing, agriculture, and physical security sectors, Cisco's Talos security researchers report. Released in 2001, ...
1 year ago Packetstormsecurity.com Andariel
North Korean Hackers Developing Malware in Dlang Programming Language - The North Korea-linked hacking group Lazarus has been observed deploying Dlang malware in attacks against organizations in the manufacturing, agriculture, and physical security sectors, Cisco's Talos security researchers report. Released in 2001, ...
1 year ago Securityweek.com Andariel
OKX suspends DEX aggregator after Lazarus hackers try to launder funds - OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. OKX is a leading global ...
2 days ago Bleepingcomputer.com Lazarus Group
Lazarus Group Attacking Crypto Users Via Telegram - In a calculated escalation of cyber warfare, the Lazarus Group, a notorious North Korea hacking unit, has pivoted its focus to cryptocurrency projects, employing intricate phishing scams on the widely-used platform Telegram. SlowMist, a cybersecurity ...
1 year ago Cybersecuritynews.com Lazarus Group
North Korean Hackers Cash Out $300 Million From $1.46 Billion ByBit Crypto Heist - Lazarus Group hackers believed to be affiliated with North Korea’s regime have successfully laundered at least $300 million from their unprecedented $1.5 billion cryptocurrency heist targeting the ByBit exchange. Elliptic’s analysis ...
1 week ago Cybersecuritynews.com Lazarus Group
North Korean Hackers' $12M Ethereum Laundering Via Tornado Cash Unveiled - It has been reported that North Korean hackers associated with the Lazarus Group have exploited Tornado Cash in a recent development to launder approximately $12 million worth of stolen Ethereum in the last 24 hours, using the coin mix-up service ...
1 year ago Cysecurity.news Lazarus Group
North Korean hackers linked to $1.5 billion ByBit crypto heist - Since the attack, crypto fraud investigator ZachXBT has discovered links between the Bybit hackers and the infamous North Korean Lazarus threat group after the attackers sent stolen Bybit funds to an Ethereum address previously ...
3 weeks ago Bleepingcomputer.com Lazarus Group
Lazarus Group Confirmed Responsible For Major Cyber Attacks - The Lazarus Group, a North Korean-sponsored cybercrime network, has been officially confirmed as responsible for a series of major cyber-attacks. The attacks, which began in 2009, were designed to target international sanctions that had been placed ...
2 years ago Heimdalsecurity.com Lazarus Group
North Korean Hackers Attacked Indian Medical and Energy Companies - The North Korean military's notorious hacking arm, known as the Lazarus Group, has been accused of targeting public and private sector research organizations, an Indian medical research company, and other businesses in the energy sector. Security ...
2 years ago Therecord.media Lazarus Group BianLian
Hackers from North Korea Aimed at Medical and Energy Industries - The North Korean Lazarus hacking group has been identified as the perpetrator of a recent cyber espionage operation known as No Pineapple!. This designation highlights the group's malicious activities and its ability to carry out sophisticated ...
2 years ago Cybersecuritynews.com
Microsoft: Lazarus hackers breach CyberLink in supply chain attack - Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide. According to Microsoft ...
1 year ago Bleepingcomputer.com Lazarus Group
FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist - Since the incident, crypto fraud investigator ZachXBT discovered multiple links to the infamous North Korean threat group after the attackers sent some of the stolen Bybit funds to an Ethereum address used in the Phemex, BingX, and Poloniex hacks ...
3 weeks ago Bleepingcomputer.com APT3 APT38 Lazarus Group
CVE-2022-48895 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
Lazarus Group hackers appear to return to Tornado Cash for money laundering - North Korea's Lazarus hacking group allegedly has turned back to an old service in order to launder $23 million stolen during an attack in November. Investigators at blockchain research company Elliptic said on Friday that in the last day they had ...
1 year ago Therecord.media Lazarus Group
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
2 years ago Csoonline.com Andariel APT3 APT37 APT38 Kimsuky Lazarus Group BianLian
Lazarus Hackers Exploit 2-Year-Old Log4j Vulnerability to Deploy New RAT Malware - Researchers warn Lazarus threat actors still exploit known Log4j vulnerability to infect devices with new DLang malware strains. The new campaign, dubbed Operation Blacksmith, became active on March 23. Hackers target manufacturing, agricultural, and ...
1 year ago Heimdalsecurity.com CVE-2021-44228
Lazarus Group - Lazarus Group is a North Korean state-sponsored cyber threat group that has been attributed to the Reconnaissance General Bureau. The group has been active since at least 2009 and was reportedly responsible for the November 2014 destructive wiper ...
1 year ago Attack.mitre.org Andariel APT3 APT37 APT38 Kimsuky Lazarus Group
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers - The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, ...
1 year ago Bleepingcomputer.com Lazarus Group
security and privacy in Facebook groups - Having found myself roped into assisting as co-administrator a couple of Facebook groups with security/privacy issues, I thought I should, perhaps, share what little I know about defending your group against scam and spam posts and comments by ...
1 year ago Securityboulevard.com
FBI Uncovers North Korean Hacking Group 'Lazarus' Behind 100M Crypto Heist - The FBI has unveiled evidence connecting a North Korean hacking group known as 'Lazarus' to the massive crypto heist of over $100 million – one of the biggest digital currency thefts to date. ...
2 years ago Therecord.media Lazarus Group

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)