Lazarus Group

MITRE G0009
Reports
4
First seen
Nov 1
Last seen
May 25
Motivation
espionage, financial_theft

Targeting

Sectors
financial services ×1

Top ATT&CK techniques

T1566 Phishing ×4T1486 Data Encrypted for Impact ×2T1598 Phishing for Information ×2T1547 Boot or Logon Autostart Execution ×2T1041 Exfiltration Over C2 Channel ×1T1555 Credentials from Password Stores ×1T1598.004 Spearphishing Attachment ×1T1562 Impair Defenses ×1T1078 Valid Accounts ×1T1648 Serverless Execution ×1T1566.002 Phishing: Spearphishing Link ×1T1586 Compromise Accounts ×1

Indicators

cve ×4domain ×4filename ×1

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.