Lazarus

MITRE G0009Also known as HIDDEN COBRA
Reports
5
First seen
Oct 23
Last seen
May 28
Motivation
espionage, espionage, intellectual property theft, , espionage, cryptocurrency theft, and reg

Targeting

Sectors
defense ×1

Top ATT&CK techniques

T1566 Phishing ×4T1195 Supply Chain Compromise ×3T1021 Remote Services ×3T1041 Exfiltration Over C2 Channel ×2T1190 Exploit Public-Facing Application ×2T1486 Data Encrypted for Impact ×2T1561 Disk Wipe ×2T1078 Valid Accounts ×2T1557 Adversary-in-the-Middle ×2T1204 User Execution ×1T1136 Create Account ×1T1027 Obfuscated Files or Information ×1

Indicators

domain ×14ip_v4 ×14url ×14filename ×13hash_sha1 ×1

Indicator values are available on Pro and via the API.

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.