lazarusholic


Emulating the Highly Sophisticated North Korean Adversary Lazarus Group

2023-01-05, AttackIQ
https://www.attackiq.com/2023/01/05/emulating-the-highly-sophisticated-north-korean-adversary-lazarus-group/
#Trend #DreamJob #Inception #MagicRAT #Sharpshooter #ThreatNeedle

Contents

Lazarus Group, also known as Hidden Cobra, is a state-sponsored adversary attributed to the Reconnaissance General Bureau (RGB) of the Democratic People’s Republic of Korea (DPRK) that has been active since at least 2009. The Lazarus Group is composed of at least two subgroups, known as Andariel and BlueNoroff, and has notable overlaps with the adversaries known as APT37 and Kimsuky.
Lazarus Group’s main motivations are theft of proprietary information, espionage, sabotage, and destruction. The group first came to media attention in 2013, following a series of coordinated attacks against South Korean media and financial entities using the wiper known as DarkSeoul.
Their most notorious campaign occurred in November 2014 when the Lazarus Group conducted a large-scale destructive attack against Sony Pictures Entertainment (SPE), which was notable due to the substantial penetration through the network, the large amount of exfiltrated data, and the use of a wiper to erase all forensic …