7/24/2023

Lazarus group mac based attack

In February 2017 an article in the Polish media broke the silence on a long-running story about attacks on banks, allegedly related to the notorious Lazarus Group. While the original article didn’t mention Lazarus Group, it was quickly picked up by security researchers. Today we’d like to share some of our findings, and add something new to what’s currently common knowledge about Lazarus Group activities and their connection to the much talked about February 2016 incident, when an unknown attacker attempted to steal up to $851M USD from Bangladesh Central Bank.

Since the Bangladesh incident there have been just a few articles explaining the connection between Lazarus Group and the Bangladesh bank heist. One such publication was made available by BAE Systems in May 2016; however, it only included analysis of the wiper code. This was followed by another blog post by Anomali Labs, confirming the same wiping code similarity. This similarity was found to be satisfying to many readers; however, at Kaspersky Lab, we were looking for a stronger connection.

Other claims that Lazarus was the group behind attacks on the Polish financial sector came from Symantec in 2017, which noticed string reuse in malware at one of their Polish customers. Symantec also confirmed seeing the Lazarus wiper tool in Poland at one of their customers. However, from this it’s only clear that Lazarus might have attacked Polish banks.

While all these facts are fascinating, the connection between Lazarus attacks on banks, and their role in attacks on banks’ systems, was still loose.