Lazarus group ransomware8/4/2023 ![]() ![]() Despite the links to Lazarus, the WannaCry attacks do not bear the hallmarks of a nation-state campaign but are more typical of a cybercrime campaign,” Symantec researchers said in a post analyzing the links. “Analysis of these early WannaCry attacks by Symantec’s Security Response Team revealed substantial commonalities in the tools, techniques, and infrastructure used by the attackers and those seen in previous Lazarus attacks, making it highly likely that Lazarus was behind the spread of WannaCry. The code in the ransomware is virtually identical, but the tactics are different. But those were highly targeted and didn’t use the exploit code and worm-likes reading mechanism that the current version does. The first attacks involving WannaCry emerged in February, with others following in March and April. There are a number of code artifacts shared between tools used by the Lazarus group and WannaCry, and researchers at Symantec have published new details that show the ransomware campaign has several other technical links to the Lazarus group’s operations, too. Last week, researchers at Kaspersky Lab, who have studied the Lazarus group closely, said that the WannaCry ransomware had strong technical links to Lazarus. ![]() The Lazarus group is a hacking team tied to North Korea that researchers have linked to a number of major intrusions, including the attack on the Bank of Bangladesh and the Sony Pictures Entertainment hack. The links between the WannaCry ransomware and the Lazarus group, which is believed to be responsible for several high-profile attacks, are deeper and more substantial than previously thought, according to new evidence unearthed by security researchers. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |