1/20/2024

Lazarus group profile

Treasury Department is ramping up its efforts to combat cybercrime, specifically targeting three North Koreans allegedly involved in supporting the notorious Lazarus Group, known for its high-profile cyberattacks and cryptocurrency-related thefts.

Treasury’s Office of Foreign Assets Control announced sanctions against three individuals allegedly linked to North Korea’s infamous Lazarus Group. Treasury’s Office of Foreign Assets Control revealed on Monday that it has imposed sanctions on three individuals believed to have connections with North Korea’s notorious Lazarus Group.

Wu Huihui, who resides in China, is accused of “facilitating the conversion of virtual currency stolen by actors working with the Lazarus Group to fiat currency.”

Cheng Hung Man, based in Hong Kong, is suspected of collaborating with Wu to use “front companies to enable DPRK actors to bypass countering illicit finance requirements at financial institutions and access the U.S.

Sim Hyon Sop, located in Dandong, China, is employed by Korea Kwangson Banking Corp. (KKBC), which was sanctioned in 2009 for its connections to North Korea. According to the allegations, Sim “coordinated millions of dollars in financial transfers for the DPRK.”

Brian Nelson, the Undersecretary for Terrorism and Financial Intelligence at the Department, referred to North Korea in a statement and said, “The DPRK continues to exploit virtual currency and extensive illicit facilitation networks to access the international financial system and generate revenue for the regime.”

Lazarus Group’s Connection With Crypto

The Lazarus Group, suspected to be backed by the North Korean government, has been involved in numerous cyberattacks over the years, targeting crypto space recently. OFAC has previously sanctioned two Chinese nationals, Tian Yinyin and Li Jiadong, for their alleged involvement in laundering crypto connected to a 2018 cryptocurrency exchange hack. While OFAC did not disclose the name of the exchange, it did mention that the Lazarus Group was suspected of being linked to the attack.

The Lazarus Group has been associated with numerous hacks over the years, including the high-profile 2022 Ronin Network attack, which is widely considered the largest crypto heist in history. The hackers managed to steal a staggering $625 million during the attack, and the FBI has since traced the crime back to the Lazarus Group. In addition to these incidents, last year the group was suspected of targeting several Japanese crypto companies.

OFAC data indicates that cyber actors with ties to North Korea managed to steal an estimated $1.7 billion worth of cryptocurrency in 2022 alone, demonstrating the group’s continued prominence and threat to the industry.

The Treasury Department suspects that the Lazarus Group has connections to the Reconnaissance General Bureau, which is North Korea’s intelligence agency, and is involved in the trade of arms for the Democratic People’s Republic of Korea (DPRK). It seems that the bureau uses the cryptocurrency obtained through illicit means to finance nuclear and ballistic military programs in North Korea.

A collaborative cross-industry operation has targeted an aggressive threat group known as Lazarus. The initiative, called Operation Blockbuster, was led by analytics firm Novetta and aims to significantly bolster defenses against the cyberespionage group and its disruptive campaigns. Symantec has been tracking attacks associated with Lazarus since 2009. It has been linked to a wide range of incidents, several of which involved highly destructive malware. Lazarus appears to be particularly focused on targets in the US and South Korea.

Announced today, Operation Blockbuster involves major security vendors sharing intelligence and resources in order to assist commercial and government organizations in protecting themselves against Lazarus. As part of the initiative, vendors will circulate malware signatures and other useful intelligence related to these attackers.

Active since at least 2009, Lazarus is a well-resourced adversary, capable of mounting cyberespionage operations in addition to high-profile destructive attacks. There is some evidence to suggest that Lazarus may consist of several associated groups of attackers. If this is the case, then it is possible that these groups are acting in concert, under the direction of one entity.

Lazarus has been linked to a series of attacks since 2009. Lazarus is notable for its use of aggressive and destructive tactics, such as the use of disk-wiping malware, to cause maximum disruption to its targets. Symantec has observed commonalities between multiple targeted campaigns it may have been involved with.