top of page
Search

Amazon-themed campaigns of Lazarus in the Netherlands and Belgium

ESET researchers have discovered Lazarus attacks against targets in the Netherlands and Belgium that use spearphishing emails connected to fake job offers.




ADVERSARY: Lazarus



TARGETED COUNTRIES: Belgium, Netherlands


MALWARE FAMILIES: BLINDINGCAN, Trojan:Win32/Nukesped, Trojan:Win64/NukeSped


ATT&CK IDS: T1104 - Multi-Stage Channels, T1553 - Subvert Trust Controls, T1562 - Impair Defenses, T1055 - Process Injection, T1095 - Non-Application Layer Protocol, T1134 - Access Token Manipulation, T1082 - System Information Discovery, T1014 - Rootkit, T1027 - Obfuscated Files or Information, T1059 - Command and Scripting Interpreter, T1070 - Indicator Removal on Host, T1071 - Application Layer Protocol, T1106 - Native API, T1132 - Data Encoding, T1140 - Deobfuscate/Decode Files or Information, T1204 - User Execution, T1218 - Signed Binary Proxy Execution, T1547 - Boot or Logon Autostart Execution, T1560 - Archive Collected Data, T1566 - Phishing, T1573 - Encrypted Channel, T1574 - Hijack Execution Flow, T1584 - Compromise Infrastructure, T1587 - Develop Capabilities


Read More:

3 views

Comments


Commenting has been turned off.
bottom of page