The North Korean Lazarus Group, aka APT38, is one of the most sophisticated North Korean APTs. It’s been active since 2009…
Tag: Lazarus
A week in security (April 18 – 24)
Last week on Malwarebytes Labs: Stay safe!
North Korean Lazarus APT group targets blockchain tech companies
A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury…
North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign
This blog was authored by Ankur Saini and Hossein Jazi. Lazarus Group is one of the most sophisticated North Korean APTs…
Crimea “manifesto” deploys VBA Rat using double attack vectors
This blog post was authored by Hossein Jazi. On July 21, 2021, we identified a suspicious document named “Манифест.docx” (“Manifest.docx”) that…
Lazarus APT conceals malicious code within BMP image to drop its RAT
This blog was authored by Hossein Jazi. Lazarus APT is one of the most sophisticated North Korean Threat Actors that has…
New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app
This blog post was authored by Hossein Jazi, Thomas Reed and Jérôme Segura. We recently identified what we believe is a…
The Advanced Persistent Threat files: Lazarus Group
We’ve heard a lot about Advanced Persistent Threats (APTs) over the past few years. As a refresher, APTs are prolonged, aimed…
Ryuk ransomware attacks businesses over the holidays
While families gathered for food and merriment on Christmas Eve, most businesses slumbered. Nothing was stirring, not even a mouse—or so…