New Evidence Might Link Lazarus Tool Found in Chile RedBanc Intrusion to Previous Attacks in Pakistan
Note: This article was initially written by the QuoINT Team as part of QuoScient GmbH. Following the foundation of QuoIntelligence in March 2020, this article was transferred to the QuoIntelligence website on 21 April 2020.
Executive Summary
QuoScient’s Intelligence Operations Team (QuoINT) has uncovered an attack against an employee of a Pakistani financial service provider that closely matched the Tactics, Techniques, and Procedures (TTPs) reported in a recent intrusion at the Chilean interbank network Redbanc, which Flashpoint linked to the prolific North Korea-linked Advanced Persistent Threat (APT) group Lazarus (also known as HIDDEN COBRA). Further, we uncovered new evidence that might link the November 2018 attacks against multiple Pakistani banks to Lazarus. In more detail, we discovered an attack that occurred on 31 October 2018 and highly likely led to the infection of the employee’s computer. However, we are …
IoC
https://quointelligence.eu/2019/01/new-evidence-might-link-lazarus-tool-found-in-chile-redbanc-intrusion-to-previous-attacks/