Lazarus APT

Pierluigi Paganini June 30, 2022
Experts blame North Korea-linked Lazarus APT for the Harmony hack

North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms.  Harmony’s […]

Pierluigi Paganini April 16, 2022
U.S. Gov believes North Korea-linked Lazarus APT is behind Ronin Validator cyber heist

The U.S. government blames North Korea-linked APT Lazarus for the recent $600 million Ronin Validator cyber heist. The U.S. government attributes the recent $600 million Ronin Validator cryptocurrencty heist to the North Korea-linked APT Lazarus. The U.S. Treasury announced in a notice the sanctions against the Ethereum address used by the APT to receive the […]

Pierluigi Paganini January 27, 2022
North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

North Korea-linked Lazarus APT group uses Windows Update client to deliver malware on Windows systems. North Korea-linked Lazarus APT started using Windows Update to execute the malicious payload and GitHub as a command and control server in recent attacks, Malwarebytes researchers reported. The activity of the Lazarus APT group surged in 2014 and 2015, its members used […]

Pierluigi Paganini February 17, 2021
US DoJ charges three members of the North Korea-linked Lazarus APT group

The US DOJ charged three members of the North Korea-linked Lazarus Advanced Persistent Threat (APT) group. The U.S. Justice Department indicted three North Korean military intelligence officials, members of the Lazarus APT group, for their involvement in cyber-attacks, including the theft of $1.3 billion in money and crypto-currency from organizations around the globe. The indictment […]

Pierluigi Paganini January 29, 2021
Microsoft: North Korea-linked Zinc APT targets security experts

Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT group. Researchers from Microsoft monitored a cyber espionage campaign aimed at vulnerability researchers and attributed the attacks to North Korea-linked Zinc APT group. “In recent months, Microsoft has detected cyberattacks targeting security researchers by an […]

Pierluigi Paganini November 16, 2020
Lazarus malware delivered to South Korean users via supply chain attacks

North Korea-linked Lazarus APT group is behind new campaigns against South Korean supply chains that leverage stolen security certificates.  Security experts from ESET reported that North-Korea-linked Lazarus APT (aka HIDDEN COBRA) is behind cyber campaigns targeting South Korean supply chains. According to the experts the nation-state actors leverage stolen security certificates from two separate, legitimate South […]

Pierluigi Paganini November 13, 2020
Three APT groups have targeted at least seven COVID-19 vaccine makers

At least the three nation-state actors have targeted seven COVID-19 vaccine makers, they are Strontium, Lazarus Group, and Cerium, Microsoft warns. Microsoft revealed that at least three APT groups have targeted seven companies involved in COVID-19 vaccines research and treatments. “In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly […]

Pierluigi Paganini August 29, 2020
North Korea-linked APT group BeagleBoyz targets banks

North Korea-linked APT group BeagleBoyz intensified its operations since February, US CISA, Department of the Treasury, FBI, and USCYBERCOM warn. According to a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation (FBI), and U.S. Cyber Command (USCYBERCOM) North Korea-linked APT group BeagleBoyz […]

Pierluigi Paganini August 26, 2020
Lazarus APT targets cryptocurrency organizations with using LinkedIn lures

North Korea-linked Lazarus APT group targets cryptocurrency organizations with fake job offers in an ongoing spear-phishing campaign. North Korea-linked Lazarus APT group (aka HIDDEN COBRA) has been observed while using LinkedIn lures in a spear-phishing campaign targeting the cryptocurrency organizations worldwide, including in the United States, the United Kingdom, Germany, Singapore, the Netherlands, Japan. The activity of […]

Pierluigi Paganini July 29, 2020
North Korea-Linked Lazarus APT is behind the VHD ransomware

Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD. North Korean-linked Lazarus APT Group continues to be very active, the state-sponsored hackers are actively employing new ransomware, tracked as VHD, in attacks aimed at enterprises. The activity of the Lazarus Group surged in 2014 and […]