Kaspersky Lab has joined an industry alliance driven by Novetta to announce Operation Blockbuster. Just like the previous Operation SMN, this alliance brings together key players in the IT security industry, working together in an effort to disrupt and neutralize multiple cyberespionage campaigns that have been active for several years. Some of the targets of these campaigns included financial institutions, media houses and manufacturing companies, among others.

In the past, we published our research into the malware that was publicly attributed to the Sony Pictures (SPE) hack. Building on that data, Kaspersky Lab conducted more focused research into a cluster of related campaigns stretching back several years before the SPE incident. That cluster involves several malware families as well as campaigns that have not received media attention and were previously considered unrelated.

By focusing primarily on instances of code reuse and leveraging the power of Yara, Kaspersky researchers were able to proactively spot new malware variants produced by the same threat actor, codenamed by Novetta ‘The Lazarus Group’. For instance, past and current activity that we attribute to the Lazarus Group includes Wild Positron, which is also known publicly as Duuzer. Some of our findings about Wild Positron and other associated operations were initially presented to a select audience at our Security Analyst Summit (SAS) in Tenerife, Spain, through a joint presentation between researchers from Kaspersky’s Global Research and Analysis Team and AlienVault Labs’ Research Team. Today, as part of Operation Blockbuster, together with Novetta and other industry partners, we are publishing our findings for the benefit of the wider public.

The Lazarus Group’s activity spans multiple years, going back as far as 2009. However, their activity spikes starting in 2011. The group deployed multiple malware families throughout the years, including malware associated with Operation Troy and DarkSeoul, the Hangman malware (2014-2015) and Wild Positron / Duuzer (2015).