lazarusholic

Everyday is lazarus.dayβ

New Andariel Reconnaissance Tactics Hint At Next Targets

2018-07-16, TrendMicro
https://blog.trendmicro.com/trendlabs-security-intelligence/new-andariel-reconnaissance-tactics-hint-at-next-targets/
#Andariel

Contents

New Andariel Reconnaissance Tactics Uncovered
Some groups go to great lengths to investigate their targets' systems. A recent example is the Andariel Group, a branch of the Lazarus Group. We tracked new scouting techniques coming from Andariel, used mainly against South Korean targets.
Updated June 18, 2018, 10:05 AM to add new IoC information from IssueMakersLab's July investigation. We updated it again at 4:30 PM to add a link to IssueMakersLab's website and to add new IoC information. This research is done in cooperation with IssueMakersLab of South Korea.
Reconnaissance plays a vital role in criminal operations, and some groups go to great lengths to investigate their targets' systems. A recent example is the Andariel Group, a known branch of the notorious Lazarus Group. Last month we tracked new scouting techniques coming from Andariel, which were used mainly against South Korean targets.
Andariel has been quite active these past …

IoC
