How Lazarus's IT Workers Scheme Was Caught Live on Camera
Pulse ID: 693a48019468d021f3f88fb6
Pulse Link: https://otx.alienvault.com/pulse/693a48019468d021f3f88fb6
Pulse Author: Tr1sa111
Created: 2025-12-11 04:26:41
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #OTX #OpenThreatExchange #bot #Tr1sa111
⚠️ #Lazarus Group’s Famous Chollima uses GitHub spam, fake recruiters, and AI interview tools to slip into finance, crypto, and healthcare companies as “IT workers”.
👨💻 Get a rare inside view of how these operatives work, communicate, and attempt to maintain access.
See how #ANYRUN helped BCA LTD North scan reveal and analyze the hackers' toolchain and TTPs: https://any.run/cybersecurity-blog/lazarus-group-it-workers-investigation/?utm_source=mastodon&utm_medium=post&utm_campaign=lazarus_case&utm_term=091225&utm_content=linktoblog
How Lazarus's IT Workers Scheme Was Caught Live on Camera
This report details an investigation into a North Korean infiltration operation by the Lazarus Group's Famous Chollima division. The operation aims to deploy remote IT workers in American financial and crypto/Web3 companies for corporate espionage and funding. Researchers posed as potential recruits and used sandboxed environments to monitor the operators' activities in real-time. The investigation revealed the group's tactics, including identity theft, social engineering, and the use of AI tools. The operators displayed poor operational security, sharing infrastructure and making repeated mistakes. The report provides insights into the group's recruitment methods, toolset, and communication patterns, offering a rare inside view of their operations.
Pulse ID: 69381832f6030155b532bf71
Pulse Link: https://otx.alienvault.com/pulse/69381832f6030155b532bf71
Pulse Author: AlienVault
Created: 2025-12-09 12:38:10
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #Espionage #ICS #InfoSec #Korea #Lazarus #NorthKorea #OTX #OpenThreatExchange #RAT #SocialEngineering #Web3 #bot #AlienVault
🔴 LIVE from inside #Lazarus APT's IT workers scheme.
For weeks, researchers from NorthScan & BCA LTD kept #hackers believing they controlled a US dev's laptop. In reality, it was our sandbox recording everything.
See full story and videos ⬇️
https://any.run/cybersecurity-blog/lazarus-group-it-workers-investigation/?utm_source=mastodon&utm_medium=post&utm_campaign=lazarus_workers_investigation&utm_content=linktoblog&utm_term=041225
📢 Upbit victime d’un vol de 30 M$ en crypto, soupçonné attribué au groupe nord-coréen Lazarus
📝 Selon The Record (Recorded Future News), un vol d’environ 30 millions de dollars en cryptomonnaies a touc...
📖 cyberveille : https://cyberveille.ch/posts/2025-12-02-upbit-victime-dun-vol-de-30-m-en-crypto-soupconne-attribue-au-groupe-nord-coreen-lazarus/
🌐 source : https://therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
#Lazarus #Upbit #Cyberveille
Pourquoi un point après le END dans ce fichier Pascal ?
Ver la letra de la canción “Lazarus” de David Bowie
#DavidBowie #Lazarus
https://daletra.net/david-bowie/letras/lazarus.html
Scopri il testo della canzone “Lazarus” di David Bowie
#DavidBowie #Lazarus
https://daletra.online/david-bowie/testi/lazarus.html
Analysis of APT-C-26 (Lazarus) Group's Attack Campaign Using Remote IT Disguise to Deploy Monitoring Software
Pulse ID: 692930f0634c859da3574eb7
Pulse Link: https://otx.alienvault.com/pulse/692930f0634c859da3574eb7
Pulse Author: Tr1sa111
Created: 2025-11-28 05:19:44
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #OTX #OpenThreatExchange #bot #Tr1sa111
📰 Geopolitical Shift: Russian and North Korean State Hackers Found Sharing Attack Infrastructure
‼️ Unprecedented cyber alliance: Russian APT Gamaredon & North Korea's Lazarus Group caught sharing C2 attack infrastructure. The collaboration signals a dangerous escalation in state-sponsored threats. #ThreatIntel #APT #Gamaredon #Lazarus #CyberWa...
Two of the world’s most prolific state-linked #cybercrime groups — #russia’s #Gamaredon and #NKorea’s #Lazarus collective — have been spotted sharing resources.
Experts found overlapping #tactics and shared #infrastructure between the two groups.
https://www.politico.eu/article/russia-north-korea-partner-cyber-crime-research-gamaredon-lazarus/
Analysis of APT-C-26 (Lazarus) Group's Attack Campaign Using Remote IT Disguise to Deploy Monitoring Software
The report details an attack campaign by APT-C-26 (Lazarus), a highly active APT group targeting various industries globally. The group deployed a customized monitoring program with remote desktop control capabilities, likely used by remote IT personnel infiltrating target companies. The malware consists of a registration program, a daemon process, and a DLL file for core monitoring functions. It utilizes Windows Shell extension for persistence and creates a covert remote desktop environment. The analysis reveals sophisticated techniques for evading detection, including disabling Windows Defender and manipulating firewall rules. The monitoring software captures screen data, uploads it to a server, and provides remote desktop functionality. Based on the analysis and tactics used, the activity is attributed to the Lazarus group.
Pulse ID: 6920e39c52bbf117c94af4ba
Pulse Link: https://otx.alienvault.com/pulse/6920e39c52bbf117c94af4ba
Pulse Author: AlienVault
Created: 2025-11-21 22:11:40
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #Lazarus #Malware #OTX #OpenThreatExchange #RAT #Windows #bot #AlienVault
📬 Zehntausende ASUS-Router sind unter fremder Kontrolle
#Cyberangriffe #ITSicherheit #AiCloud #AsusRouter #AyySSHush #Kimsuky #Lazarus #ORBKnoten #WrtHug https://sc.tarnkappe.info/90a693
Vom Tod zum Leben – Wie die Trauer Jesu Heil bewirken kann
https://fed.brid.gy/r/https://stefan-oster.de/gebetstag-betroffene-von-sexuellen-missbrauch/
Đội Lazarus thông báo phát hành Lazarus FreePascal IDE 4.4 #Lazarus #FreePascal #IDE #LậpTrình #PhátTriểnPhầnMềm #Programming #SoftwareDevelopment
https://www.reddit.com/r/programming/comments/1ox3jpd/the_lazarus_team_is_glad_to_announce_lazarus/
FpcUpDeLuxe with a new version
You find the brand new FpcUpDeLuxe for easy installation of FreePascal and / or Lazarus IDE here:
https://github.com/LongDirtyAnimAlf/fpcupdeluxe/releases
With FpcUpDeLuxe everyone is able to setup different environments for software developement with FreePascal and Lazarus.
One code for many platforms ...
Prime: Lazarus, series, 2025
7/10
Only part way through but so far it's worth watching the rest. Tons of plot twists, good acting, and just enough gore to be considered a thriller.
And there's the ever brilliant Bill Nighy that pulls it altogether.
#HarlanCoben #Lazarus
Gotta fly: Lazarus targets the UAV sector
Pulse ID: 69142ea5363129b306273e35
Pulse Link: https://otx.alienvault.com/pulse/69142ea5363129b306273e35
Pulse Author: Tr1sa111
Created: 2025-11-12 06:52:21
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #OTX #OpenThreatExchange #bot #Tr1sa111
Movie TV Tech Geeks #TV #Lazarus #TheHauntingofHillHouse #BlackBird 7 Miniseries To Watch if You Love Prime Video's 'Harlan Coben's Lazarus' http://dlvr.it/TP8jBT
