Lazarus Suspected of Targeting Russian Orgs
Foreign adversaries pose threats to US national security, but researchers at Check Point believe that the advanced persistent threat (APT) group known as Lazarus is now targeting Russian organizations.
In a February 19 blog post, Check Point revealed findings from research that suggests the North Korean APT known as both Lazarus and Hidden Cobra has launched the first attack on financial institutions in Russia.
“This incident represents an unusual choice of victim by the North Korean threat actor – these attacks tend to reflect the geopolitical tensions between the DPRK and nations such as the US, Japan and South Korea. In this case, though, it is Russian organizations who are the targets,” researchers wrote. Researchers have been monitoring this coordinated attack on private, Russian-owned companies, calling it the first cyber-attack of its kind. Evidence suggests that the attack is the work of Lazarus, one of the most prevalent APT groups today, believed to be a North Korean–sponsored threat actor responsible for some of the world's largest security breaches.