Lazarus Group Picks a New Poison: Medusa Ransomware
The North Korean threat group also leveraged Comebacker backdoor, Blindingcan RAT, and info stealer Infohook in its recent attacks.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The North Korean threat group also leveraged Comebacker backdoor, Blindingcan RAT, and info stealer Infohook in its recent attacks.
New ransomware of choice, same critical targets North Korea’s Lazarus Group appears to have added another tool to its kit. It has begun using Medusa ransomware in extortion attacks targeting at least one US healthcare organization and an unnamed victim in the Middle East, according to Symantec and Carbon Black threat hunters.…
Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks
Report: Lazarus Group Pivoting to Medusa Ransomware for Extortion AttacksNorth Korean-state backed Lazarus Group hackers are using Medusa ransomware in extortion attacks on U.S. healthcare entities despite a 2024 U.S. indictment of Rim Jong Hyok, an alleged member of the Lazarus subgroup Stonefly, according to a new threat intelligence report.
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team
North Korean state-backed hackers associated with the Lazarus threat group are targeting U.S. healthcare organizations in extortion attacks using the Medusa ransomware. [...]
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe
The prominent state-sponsored advanced persistent threat (APT), aka Jumpy Pisces, appears to be moving away from its primary cyber-espionage motives and toward wreaking widespread disruption and damage.
The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. [...]
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack
The individual is part of a DPRK-backed group known as Andariel, which is known for using the 'Maui' ransomware strain to target and extort healthcare entities.
Microsoft, Mandiant, weigh in with info about methods used by Andariel gang alleged to have made many, many, heists The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target.…
A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group
Andariel Group Rented Server to Steal 1.2TB of Data, Extort $357,000 in RansomsSeoul police have accused the North Korean hacker group Andariel of stealing sensitive defense secrets from South Korean defense companies and laundering ransomware proceeds back to North Korea. The hackers stole 1.2TB of data, including information on advanced anti-aircraft weapons.
An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage.
Well played, feds. What's next? Ransomware is rampant? Strong passwords are important? The FBI has confirmed what cybersecurity researchers have been saying for months: the North Korean-sponsored Lazarus Group was behind the theft last year of $100 million in crypto assets from blockchain startup Harmony.…
Attack origins point to April 2021 first strike on Japanese target The Maui ransomware that has been used against US healthcare operations has been linked to Andariel, a North Korean state-sponsored threat with links to the notorious Lazarus Group.…
The Maui ransomware operation has been linked to the North Korean state-sponsored hacking group 'Andariel,' known for using malicious cyber activities to generate revenue and causing discord in South Korea. [...]
Being the money launderer for North Korea’s Lazarus Group comes at a price The US Treasury Department is levying sanctions against Tornado Cash, a notorious cryptocurrency mixer that it says has been used by threat groups like ransomware gang Lazarus to launder stolen digital assets.…
Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.