Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation North Korean Malware Lazarus

The United States Government released an updated report attributed to the HIDDEN COBRA threat actor, also known as Lazarus, APT38, and Hidden Cobra. The report contains information about twenty malicious executables with some of the files being proxy applications used to encode and obfuscate the traffic between the malware and the actors command and control servers. The operation used multiple tactics including valid public SSL certificates to exfiltrate a range of sensitive data including system details and file and directory information from infected hosts.
Name Modified Date Sources
Operation North Korean Malware Lazarus 2020-02-24