04 Oct 2022

Lazarus Group Exploits Dell Driver Vulnerability to Bypass Windows Security

North Korean threat actor Lazarus Group has been observed by security researchers deploying a Windows rootkit. The rootkit has been deployed by exploiting a Dell firmware driver, the researchers say. ESET was the first to detect this addition to the group’s constantly evolving techniques. According to ESET the campaign was

03 Oct 2022

Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries

Notorious North Korean-associated hacking group Lazarus has been identified in a new campaign weaponizing legitimate open-source software. The software is being leveraged by the group to target employees in organizations across multiple industries and countries. Microsoft’s Threat Intelligence Center recently published an advisory regarding the threat on Thursday. The report

28 Sep 2022

Lazarus Lures Aspiring Crypto Pros With Fake Exchange Job Postings

New information has led researchers to believe that the Lazarus threat actor group has expanded its campaign leveraging fake job opportunities to lure cryptocurrency professionals. The fake job profiles have been extended to cryptocurrency exchanges that mislead job seekers into downloading malware. The attack is targeting macOS users, according to

18 Aug 2022

APT Lazarus Targets Engineers with macOS Malware

North Korean advanced persistent threat actor Lazarus is leveraging the current popularity of the blockchain and cryptocurrency industry to target organizations and individuals running Apple and Intel-based systems. The cyber espionage campaign recently identified consists of Lazarus deploying fake job postings for Coinbase. The job posting contains a malicious Mac

05 May 2022

VHD Ransomware Linked to North Korea’s Lazarus Group

Security researchers at Trellix discovered new VHD ransomware linked to North Korea’s Lazarus group. Although the researchers suspect that the malware has been around since March 2020, it has never been tied to a group. Researchers at Trellix examined source code and Bitcoin transactions to link the ransomware to the

29 Jan 2021

Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher

Recent attacks against security researchers have been linked to North Korean APT ZINC, an affiliate of the notorious Lazarus group. New details have emerged on the attack, describing how the APT exploited Visual Studio, a Microsoft product, to infect systems with malware now known to be the Comebacker malware variant.

28 Dec 2020

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

The APT Lazarus Group and other threat actors have allegedly been actively trying to steal COVID-19 research, likely to speed up their own countries’ vaccine development efforts. Lazarus is likely seeking to steal intellectual property to report back to North Korea, according to Kaspersky researchers. Lazarus recently attacked both a

06 Nov 2020

This hacking group is using previously unknown tools to target defence contractors

McAfee security researchers first released detailed information on Operation North Star earlier this year, highlighting the campaigns conducted by Lazarus Group (Hidden Cobra) targeting defense and aerospace companies in a social engineering and phishing campaign. McAfee’s coverage showed that the campaign was larger than previously thought. In the McAfee report,

17 Sep 2020

Likely Links Emerge Between Lazarus Group and Russian-Speaking Cybercriminals

Yesterday, newly published analysis from the security firm Intel 471 uncovered links between North Korea’s Lazarus Group and Russian-speaking cybercriminals. The report pinpoints links between the two organizations through examining years of security incidents. The conclusion, however, depends on two popular and generally accepted assumptions: that the Trickbot, TA505, and

02 Sep 2020

New Threat Activity by Lazarus Group Spells Trouble For Orgs

The North Korean hacking group known as Lazarus has allegedly launched several cyber campaigns that aim to raise finances for the country’s missile program. Last week, the US government issued a warning about how the group was currently targeting banks in several different countries. Cybersecurity experts believe that these ventures bring
