On top of custom tools, the Lazarus Group also leverages projects that are either available from GitHub or provided commercially. Unlike toolsets used by some other cybercriminal groups, none of the source code of any Lazarus tools has ever been disclosed in a public leak. the collection of all files that are considered by the security industry as fingerprints of the group’s activity) is quite broad, and we believe there are numerous subgroups. Some of the past attacks attributed to the Lazarus Group attracted the interest of security researchers who relied on Novetta et al.’s white papers with hundreds of pages describing the tools used in the attacks (the Polish and Mexican banks, the WannaCryptor outbreak, phishing campaigns against US defense contractors, etc.) and provide grounds for the attribution of these attacks to the Lazarus Group. These cybercriminals rose to prominence with the infamous case of cyber-sabotage against Sony Pictures Entertainment.

The Lazarus Group was first identified in Novetta’s report Operation Blockbuster in February 2016; US‑CERT and the FBI call this group Hidden Cobra. In all of these incidents the attackers utilized similar toolsets, including KillDisk, the disk-wiping tool that was executed on compromised machines. Our analysis shows that the cybercriminals behind the attack against an online casino in Central America, and several other targets in late 2017, were most likely the infamous Lazarus hacking group. Fast forward to late 2017 and the group continues to deploy its malicious tools, including disk-wiping malware known as KillDisk, to attack a number of targets. The Lazarus Group gained notoriety especially after cyber-sabotage against Sony Pictures Entertainment in 2014.