Security News > 2023 > April > Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running activity called DeathNote.

The targeting of the automotive and academic verticals is tied to Lazarus Group's broader attacks against the defense industry, as documented by the Russian cybersecurity firm in October 2021, leading to the deployment of BLINDINGCAN and COPPERHEDGE implants.

The twin attacks "Point to Lazarus building supply chain attack capabilities," Kaspersky noted at the time.

The Lazarus Group has also been linked to a successful breach of another defense contractor in Africa last July in which a "Suspicious PDF application" was sent over Skype to ultimately drop a variant of a backdoor dubbed ThreatNeedle and another implant known as ForestTiger to exfiltrate data.

"The Lazarus group is a notorious and highly skilled threat actor," Park said.

"As the Lazarus group continues to refine its approaches, it is crucial for organizations to maintain vigilance and take proactive measures to defend against its malicious activities."

News URL

https://thehackernews.com/2023/04/lazarus-hacker-group-evolves-tactics.html