lazarusholic

Alliances of convenience: How APTs are beginning to work together

2025-11-19, GenDigital
https://www.gendigital.com/blog/insights/research/apt-cyber-alliances-2025
#InvisibleFerret #Lazarus

State-sponsored hacking groups typically operate in isolation, each advancing its own nation’s goals. That’s why any sign of collaboration between them is cause for concern. Yet new evidence uncovered by Gen researchers suggests that two of the world’s most aggressive advanced persistent threat (APT) actors, Russia-aligned Gamaredon and North Korea’s Lazarus, may be operating on shared infrastructure.

This discovery hints at something much bigger than mere technical overlap. It points to a possible new stage in cyber conflict, where geopolitical alliances are mirrored in shared digital operations.

From allies on the battlefield to partners online

Russia and North Korea have maintained a long-standing partnership rooted in shared political and military interests. Moscow backed Pyongyang during and after the Korean War, and in 2024 both nations renewed that alliance through a Comprehensive Strategic Partnership that includes mutual defense commitments.

Since 2022, Pyongyang has stepped up its …