The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

North Korean Threat Actors Living Off the Land

Oct 11, 2022 12:47:31 PM / by PolySwarm Tech Team posted in Threat Bulletin, Lazarus, North Korea, LoTL, APT 38, Living off the land, ZataNile, EventHorizon

0 Comments

Related Families: ZetaNile (BlindingCan), EventHorizon

Verticals Targeted: Media, Defense, IT Services, Aerospace

Executive Summary

Microsoft recently reported on North Korean threat actor group Lazarus using living off the land (LOTL) techniques to target multiple verticals. Weaponization of legitimate tools includes SSH clients PuTTY and KiTTY, as well as TightVNC Viewer, Sumatra PDF reader, and muPDF/Subliminal Recording installer.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More