News


APT group Lazarus is behind the cyber attack on 3CX

With Operation DreamJob, the APT (Advanced Persistent Threat) group Lazarus attacked Linux users for the first time. The most prominent victim is the VoIP software developer 3CX. ESET experts discover connection to cyber attack on 3CX. The researchers at the IT security manufacturer ESET were able to reconstruct the entire course of the operation and thus prove that the hackers allied with North Korea were behind the so-called supply chain attack. The attack begins with a fake job offer delivered as a zip file and ends with the SimplexTea malware. The Linux backdoor is distributed via an OpenDrive account. 3CX: It was Lazarus from North Korea...


Lazarus: New backdoor against targets in Europe 

The APT group Lazarus, known for many attacks, is also using a new backdoor malware against targets in Europe. According to ESET researchers, the intended uses are espionage and data manipulation. The malware researchers at the IT security manufacturer ESET have uncovered dangerous new malware from the notorious APT (Advanced Persistent Threat) group Lazarus. The increased occurrence in South Korea, the code and the behavior of the backdoor "WinorDLL64" suggest that the hacker gang allied with North Korea is behind it. However, the backdoor is also used for targeted attacks in the Middle East and Europe. At ESET research facilities…


APT Group Lazarus: North Korea captured $630 million

According to a UN expert report, North Korea was able to capture a record amount of money in 2022 through cyber attacks by the APT group Lazarus. North Korean cybercriminals are believed to have stolen at least $630 million. The sanctioned country uses the money mainly to finance its nuclear and missile programs. The state group Lazarus, among others, is held responsible for the cyber attacks. In public reporting, the Lazarus Group is often used as a generic term for numerous North Korean cyber actors. A blog post by Mandiant provides detailed insights into the various institutions within the hermit state and helps to understand how...


Lazarus Group Unleashes Backdoor DTrack on Businesses

Notorious APT actor Lazarus is expanding its attacks and is now targeting companies in Europe, including Germany and Switzerland. The Kaspersky experts were able to identify attacks with the backdoor DTrack on two German chemical processing and manufacturing companies and one on a Swiss chemical processing company. Lazarus has been active since at least 2009 and has been blamed for cyber espionage, cyber sabotage and ransomware attacks. Initially, the group was focused on implementing what appeared to be a geopolitical agenda centered primarily on South Korea…


Lazarus: BlueNoroff drains cryptocurrency startup accounts

Part of the Lazarus group developed complex infrastructure, exploits and malware implants. Threat Actor BlueNoroff Drains Cryptocurrency Startup Accounts. BlueNoroff uses comprehensive attack methodology. Kaspersky security researchers have uncovered a series of attacks by Advanced Persistent Threat (APT) actor BlueNoroff on small and medium-sized businesses worldwide. The victims suffered large cryptocurrency losses in the process. Dubbed 'SnatchCrypto', the campaign targets various companies involved in cryptocurrencies as well as smart contracts, DeFi, blockchain and the FinTech industries. In the recent campaign by threat actor BlueNoroff, attackers subtly leveraged employee trust…


Spyware campaign hit ICS computers worldwide

Thousands of industrial computers worldwide were affected by a spyware campaign. 1.6 percent of the affected ICS computers are in Germany. The malware used shows similarities with Lazarus. From mid-January to mid-November 2021, Kaspersky experts observed new malware that infected more than 35,000 computers in 195 countries. The 'PseudoManuscrypt' malware shows similarities to the 'Manuscrypt' malware from the Advanced Persistent Threat (APT) group Lazarus. It has advanced espionage capabilities and has so far been detected in attacks on government organizations and industrial control systems (ICS). 35,000 ICS computers affected: Industrial companies are among the most sought-after targets for cybercriminals - both from...


Lazarus group attacks logistics company

Lazarus Group attacks logistics company: Failures in global freight logistics can have serious consequences. Whether digital or analog: failures are particularly sensitive for global freight logistics. This was shown recently by the blockade of the Suez Canal by the container ship “Ever Given”. ESET researchers have now discovered a previously unknown backdoor that was used in an attack on a freight logistics company in South Africa. Behind the malware is the infamous Lazarus group. The security experts of the European IT security manufacturer based this attribution on similarities with previous operations and procedures of the hacking group. Backdoor Vyveva has espionage functions: The backdoor called Vyveva has ...


APT group Lazarus attacks defense companies

APT group Lazarus has defense companies in its sights. Malware 'ThreatNeedle' also attacks restricted networks without internet access. Kaspersky researchers have identified a new, previously unknown campaign by the advanced threat actor Lazarus. Since the beginning of 2020, the campaign has targeted companies in the defense industry with the custom backdoor 'ThreatNeedle'. The backdoor moves laterally through infected networks and collects confidential information. Lazarus can steal data from both IT and restricted networks. Lazarus group active since 2009: Lazarus is a very productive threat actor that has been active since at least 2009. The group is for ...


Lazarus group manipulates security software

ESET researchers analyze the latest activity of the infamous APT group: Lazarus group manipulates security software. ESET researchers uncovered a campaign by the Lazarus group targeting South Korean internet users. The attackers use malware that infects the software supply chain through unusual manipulation. To do this, the hackers misuse a legitimate South Korean security software called WIZVERA VeraPort and digital certificates. In South Korea, it is common practice for users to be asked to install additional security software when they visit government or internet banking websites. The ESET researchers have now published their detailed analysis on WeLiveSecurity. "WIZVERA ...
