To make sure your company is on the up-and-up on cybersecurity, visit CyberPolicy.

Attack chains unfolded upon the opening of the lure documents, leading to the distribution of malicious droppers that were trojanized versions of open source projects, corroborating recent reports from Google's Mandiant and Microsoft.

ESET said it uncovered evidence of Lazarus dropping weaponized versions of FingerText and sslSniffer, a component of the wolfSSL library, in addition to HTTPS-based downloaders and uploaders. Though some of the cyberattacks initiated by the hacking collective were to extort money, others were to garner intel and surveil organizations.

Every hacking collective has its own M.O., but the end is always the same: the meltdown of an organization. According to one researcher, "these aren't pieces of malware that are being shared on underground forums - these are very well guarded codebases that haven't leaked out or been around publicly." The dead giveaway was Lazarus' reuse of malware code. By following their cyberwar trail and deciphering the tool usage, cybersecurity researchers learned that these different cyber collectives were actually one and the same. Each of the cybercrime rings used the same tools to crack an organization's server.

After the cyberattack commenced, the group would retreat into the darkness, not to be heard from ever again, or so it was thought. In the beginning, this led the cybersecurity community to believe these cyberattacks were being committed by different groups until investigations proved otherwise.

− IsOne
− WhoIs Team
− NewRomanic Cyber Army Team

As reported by the Washington Post, after the hacking collective issues an attack and gleans the data they need, they disappear.
Perhaps its most memorable hack came in 2014, when Lazarus hacked Sony Pictures Entertainment, costing the company over $35 million in IT repairs, not to mention a significant hit to its reputation.

At the time of the Sony hack, the hackers were called "Guardians of Peace." Since then, it has been learned that these "Guardians of Peace" were in fact made up of Lazarus members, hence their new name Lazarus: "seems to rise up with new identities for different campaigns." Other monikers the Lazarus cyber collective has used include:

Lazarus has been an active cyber collective since as far back as 2009. This is not the first time Lazarus has been found responsible for committing cybercrime at the behest of the North Korean government. The malware, Dark Matter writes, "is used to attack only particular IP addresses that belong to residents of 31 countries and from 104 specific organizations." How is the hacking collective accessing the private data of foreign organizations? Lazarus is using a watering hole attack, in which loader software installs malware on websites. This is major cybersecurity news: a hostile foreign government is working tirelessly to disrupt the reputation and economic stability of other countries, including South Korea and Poland. This 21st century blessing of Lazarus is a little different from the biblical telling. The Lazarus known today is a North Korean cyber collective that has, according to Symantec, targeted high-profile organizations in 31 different countries, including Sony and the Bangladesh Bank, with the North Korean government's blessing. The Lazarus that will be discussed in this article isn't the one who rose from the dead, no.

The most popular figure of the same name is the biblical Lazarus, a man Jesus raised from the dead. The term "Lazarus" has commonly been associated with entities that have been reanimated, with biological organisms that had died but somehow came back to life.