The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm Threat Bulletin: Lazarus APT’s LolZarus Campaign Targets Defense Contractor

Feb 14, 2022 11:18:26 AM / by PolySwarm Team posted in Threat Bulletin, Lazarus, LolZarus, APT, North Korea, LoLbins, Defense Vertical

0 Comments



Background

Qualys Threat Research recently reported on a new Lazarus espionage campaign leveraging employment phishing emails to target the defense sector, primarily targeting those applying for a job at Lockheed Martin. The targeting is similar to previous Lazarus campaigns which targeted Northrop Grumman and BAE Systems. Qualys refers to the current campaign as LolZarus due to the threat actor group’s use of LoLbins in some of the samples, which according to Qualys is the first known use of LoLbins by a well-known threat actor group.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts