North Korea hacker group Lazarus turns to ransomware: report

An outfit of hackers with links to the North Korean government is on the prowl again, this time returning to ransomware to target its victims. According to a new report, the group has stepped up its game, with the latest strain of malware being an upgrade on previous versions.

While the North Korean government has been linked with several cybercrime outfits, Lazarus remains the most lethal. The group is known for WannaCry, a ransomware strain that has infected over 300,000 Windows computers worldwide, demanding payment in BTC.

Lazarus is now targeting its victims with new malware, Russian cybersecurity company Kaspersky Lab has revealed. In a new report, the firm attributed to Lazarus a new wave of attacks that used a little-known malware strain known as VHD.

VHD crawls all connected disks to encrypt files, and also deletes any folder that contains Windows restore point data, the report states.

Kaspersky noted that the malware is unique and “did not fit the usual modus operandi of known big-game hunting groups.” The firm also found only a very limited number of VHD malware samples, indicating that it was custom-made and not bought on the dark web.

According to the Kaspersky report, judging from the VHD-related ransomware attacks it has tracked this year, Lazarus is using more finesse in its attacks. The group spread the malware through the MATA framework, which is more advanced and able to attack Windows, macOS and Linux operating systems.

Lazarus has in the past targeted financial systems and institutions, making off with hundreds of millions of dollars. The group was allegedly behind the much-publicized hack of Sony Pictures and the $81 million hack of the Bangladesh Bank.

It has also extensively targeted digital currency exchanges. According to a report by Group-IB, it is behind the biggest hack in the industry, in which it made off with $534 million from the Coincheck exchange.

However, its dive into ransomware is a cause for worry, Kaspersky’s senior security researcher Ivan Kwiatkowski said, explaining:

“While it is obvious that the group cannot match the efficiency of other cybercriminal gangs with this hit-and-run approach to targeted ransomware, the fact that it has turned to such types of attacks is worrisome. The global ransomware threat is big enough as it is, and often has significant financial implications for victim organizations up to the point of rendering them bankrupt.”
