Tag: lazarus

3 Attack Reports | 0 Vulnerabilities

Attack reports

APT Lazarus: Eager Crypto Beavers, Video calls and Games

Group-ib explored the growing threats posed by the Lazarus Group's financially-driven campaign against developers. Group-ib examined their recent Python scripts, including the CivetQ and BeaverTail malware variants, along with their updated versions in Windows and Python releases. Additionally, the…
apt
lazarus
2024-09-09
beavertail
civetq
Published: September 9, 2024
Downloadable IOCs: 85

Exposing Attack Operations Utilizing PyPI Against Windows, Linux and macOS Platforms

The report details the APT-C-26 (Lazarus) group's recent attack campaign utilizing malicious Python packages hosted on the PyPI repository to deliver payloads targeting multiple platforms including Windows, Linux, and macOS. It analyzes the attack flow, delivery methods, and malware components invo…
malware
apt
supply chain
lazarus
2024-07-08
pypi
comebacker
cross-platform
Published: July 8, 2024
Downloadable IOCs: 28

Malware Used in Attacks Against Korean Companies

A recent analysis by ASEC discovered attacks exploiting a Korean ERP solution to distribute malware like XcLoader and Xctdoor. The attacks targeted Korean defense and manufacturing companies. The malware was propagated by compromising ERP update servers to install backdoors. Xctdoor captures system…
korea
2024-07-01
lazarus
andariel
xctdoor
xcloader
hotcroissant
Published: July 1, 2024
Downloadable IOCs: 9
Click here to see more Attack Reports