This post analyzes findings on the Lazarus APT group for use by people who work in information technology departments, are part of a cyber security team, or work in roles such as security researcher and system administrator. The following topics are included and shared:

- Group's Country of Origin and Known Aliases.
- Activities/Operations/Cyber Attacks by Year (Historical Background).
- Cyber Attack Lifecycles and MITRE ATT&CK TTPs.

North Korean group definitions are known to have significant overlap, and some security researchers report all North Korean state-sponsored cyber activity under the name Lazarus Group instead of tracking clusters or subgroups.

This attack utilized the Mydoom and Dozer malware to launch a large-scale, but quite unsophisticated, DDoS attack against US and South Korean websites. The volley of attacks struck about three dozen websites and placed the text "Memory of Independence Day" in the master boot record (MBR).

The Lazarus Group attacks culminated on November 24, 2014. On that day, a Reddit post appeared stating that Sony Pictures had been hacked via unknown means; the perpetrators identified themselves as the "Guardians of Peace". Large amounts of data were stolen and slowly leaked in the days following the attack. An interview with someone claiming to be part of the group stated that they had been stealing Sony's data for over a year. The hackers were able to access previously unreleased films, emails, and the personal information of about 4,000 employees.

2016 – Bangladesh Bank Heist

The Bangladesh Bank cyber heist was a theft that took place in February 2016. Thirty-five fraudulent instructions were issued by security hackers via the SWIFT network to illegally transfer nearly $1B from the Federal Reserve Bank of New York account belonging to Bangladesh Bank. Five of the thirty-five fraudulent instructions were successful in transferring $101M, with $20M traced to Sri Lanka and $81M to the Philippines. The Federal Reserve Bank of New York blocked the remaining thirty transactions, amounting to $850M, due to suspicions raised by a misspelled instruction. Cybersecurity experts claimed that the North Korea-based Lazarus Group was behind the attack.

The WannaCry attack was a massive ransomware cyber attack that hit institutions across the globe, ranging from the NHS in Britain, to Boeing, and even to universities in China, on the 12th of May, 2017. The attack lasted 7 hours and 19 minutes. Europol estimates it affected nearly 200,000 computers in 150 countries, primarily affecting Russia, India, Ukraine, and Taiwan. This was one of the first attacks to spread via a cryptoworm. The US Department of Justice and British authorities later attributed the WannaCry attack to the North Korean hackers, the Lazarus Group.

2020 – Pharmaceutical Company Attacks

Due to the ongoing COVID-19 pandemic, pharmaceutical companies became major targets for the Lazarus Group.