8/18/2023 0 Comments Lazarus group ransomware![]() ![]() ![]() And as we collected more evidence we became more confident that the attack was conducted by a group connected to the North Korean government, eventually leading us to confidently conclude it was the Lazarus Group,” said WithSecure™ Senior Threat Intelligence Researcher Sami Ruohonen. “While this was initially suspected to be an attempted BianLian ransomware attack, the evidence we collected quickly pointed in a different direction. Specific targets of the campaign identified by the researchers included a healthcare research organization, a manufacturer of technology used in the energy, research, defense, and healthcare sectors, as well as the chemical engineering department of a leading research university. Upon investigating the attack, WithSecure™ researchers uncovered more evidence indicating that the attack was part of a larger intelligence-gathering campaign rather than a ransomware incident.īased on the collected evidence, the researchers were able to link the campaign to Lazarus Group, who was targeting medical research and energy organizations with the intent to commit espionage. Researchers discovered the group's latest campaign after a suspected ransomware attack was detected at an organization protected by the WithSecure™ Elements security platform. Lazarus Group is an advanced persistent threat (APT) that’s widely believed to be a part of North Korea’s Foreign Intelligence and Reconnaissance Bureau. HELSINKI, Finland-( BUSINESS WIRE)-Thanks in part to an operational security error by an attacker, security researchers from WithSecure™ (formerly known as F-Secure Business) have linked a cyber attack campaign back to North Korea’s notorious Lazarus Group. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |