| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| | 2022-03-31 12:00:23 | Lazarus Trojanized DeFi app for delivering malware (direct link) | We recently discovered a Trojanized DeFi application that was compiled in November 2021. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a full-featured backdoor. | Malware | APT 38 | |
| | 2021-12-16 10:00:19 | PseudoManuscrypt: a mass-scale spyware attack campaign (direct link) | Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group's arsenal. | Malware | APT 38, APT 28 | |
| | 2021-02-25 10:00:53 | Lazarus targets defense industry with ThreatNeedle (direct link) | In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group's other campaigns. | Malware | APT 38, APT 28 | |