Posted by Martijn Grooten on Nov 22, 2018
Recent activity shows that the Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world.
Perhaps unsurprisingly, the group, which is generally believed to be linked to the North Korean government, has also been very active in South Korea, where the country's military as well as political organizations have been among the targets.
As AhnLab researcher Minseok (Jacky) Cha wrote in his VB2018 paper on the group, the group's activities in South Korea go back a decade, and this activity gives a very good insight into the group's development over the years.
Today, we publish Minseok's VB2018 paper 'Since the hacking of Sony Pictures' in both HTML and PDF format. Minseok's slides are also available.