Lazarus group is behind encryption trojan
The backdoor of the multi-platform malware framework MATA was used in VHD ransomware and exposed the APT group Lazarus as the backers of the. During the analysis of two cases of VHD ransomware in attacks in Europe and Asia, Kaspersky researchers were able to assign them to the notorious North Korean APT group Lazarus. Both the development of ransomware and the financially motivated background of it indicate a change in strategy for the group; both are highly unusual for a government-sponsored APT group. In March and April 2020 there were first reports about the so-called VHD ransomware, which is characterized by its self-replication ability and aims to collect money from ...