lazarusholic

@lazarusholic@infosec.exchange
79 Followers
0 Following
1.3K Posts
a big fan of lazarus. You can find me on http://t.me/lazarusholic , https://lazarus.day.
lazarusholic1d ago
"Multiple projects tied to Pepe creator Matt Furie & ChainSaw as well as another project Favrr were exploited" published by ZachXBT. #ITWorker, #DPRK, #CTI https://archive.is/u2f2K
lazarusholic1d ago
"Tracing Lazarus: Greg Sinclair on Attributing North Korean Cyber Threats Through Binary Similarity" published by Mandiant. #ITWorker, #Lazarus, #DPRK, #CTI https://open.spotify.com/episode/2WvJtYDfstgnwG08WxGCo1
EP11 Tracing Lazarus: Greg Sinclair on Attributing North Korean Cyber Threats Through Binary Similarity

Behind the Binary by Google Cloud Security · Episode

Spotify
lazarusholic2d ago
"탈북자 분들을 노리는 북한 해킹 단체 APT37(Reaper)에 만든 악성코드-김x민대표님모금캠페인.lnk(2024.10.31)" published by Sakai. #APT37, #LNK, #DPRK, #CTI https://wezard4u.tistory.com/429521
탈북자 분들을 노리는 북한 해킹 단체 APT37(Reaper)에 만든 악성코드-김x민대표님모금캠페인.lnk(2024.10.31)

오늘은 탈북자 분들을 노리는 북한 해킹 단체 APT37(Reaper)에 만든 악성코드에서 만든 김x민대표님모금캠페인.lnk(2024.10.31)에 대해 글을 적어 보겠습니다. 해당 악성코드는 자유북한방송의 대표 김x민 대표님 모금 캠페인으로 위장해서 유포했던 악성코드입니다.일단 해당 대표님이 뇌종양이 발견되었던 것을 가지고 마치 탈북자 단체에서 성금을 모으려고 만든 문서로 돼 있지만 실제로는 악성코드입니다.파일명:김X민대표님모금캠페인.lnk사이즈:222 MBMD5:144928fc87e1d50f5ed162bb1651ab24SHA-1:e917166ed0096688994709acb94233ba3f3be39bSHA-256:c045b9da0456430268861da18735f7e8ebb2d1df771ca803a2..

꿈을꾸는 파랑새
lazarusholic2d ago
"Understanding DPRK IT Worker Activity - Conversations and Insights" published by Ketman. #ITWorker, #DPRK, #CTI https://www.ketman.org/understanding-dprk-it-workers-conversations-and-insight.html
Understanding DPRK IT Worker Activity - Conversations and Insights

A comprehensive analysis of the tactics, behaviors, and operational patterns of North Korean (DPRK) IT workers.

lazarusholic3d ago
"I tried to hire a North Korean scammer" published by Christophe. #ITWorker, #Youtube, #DPRK, #CTI https://www.youtube.com/watch?v=Y7x0gvfFa0Q
I tried to hire a North Korean scammer

YouTube
lazarusholic4d ago
"Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages" published by Socket. #BeaverTail, #ContagiousInterview, #HexEval, #NPM, #DPRK, #CTI https://socket.dev/blog/north-korean-contagious-interview-campaign-drops-35-new-malicious-npm-packages
lazarusholic4d ago
"These North Korean phishers just don't stop" published by dazhengzhang. #ContagiousInterview, #DPRK, #CTI https://archive.is/LbK6h
lazarusholic5d ago
"Famous Chollima’s PylangGhost" published by PolySwarm. #FamousChollima, #PylangGhost, #DPRK, #CTI https://blog.polyswarm.io/famous-chollimas-pylangghost
Famous Chollima’s PylangGhost

Famous Chollima, a North Korean-aligned threat actor, has deployed PylangGhost, a Python-based remote access trojan (RAT), targeting cryptocurrency and blockchain professionals in India.

lazarusholic5d ago
"Identifying North Korean Kimsuky (APT43) Infrastructure" published by LCSC-IE. #Kimsuky, #DPRK, #CTI https://medium.com/@LCSC-IE/identifying-north-korean-kimsuky-apt43-infrastructure-b6817a58a65b
Identifying North Korean Kimsuky (APT43) Infrastructure

I recently came across a post on X in which “@freedomhack101” shared an IOC potentially related to Kimsuky. So what I wanted to do was try a quick pivot from this, which ultimately ended up leading…

Medium
lazarusholicJun 22
"북한 김수키(Kimsuky)에서 만든 악성코드-미신고 자금 출처명세서(찾아가는 법 찾기).zip(2025.6.4)" published by Sakai. #Kimsuky, #LNK, #DPRK, #CTI https://wezard4u.tistory.com/429517
북한 김수키(Kimsuky)에서 만든 악성코드-미신고 자금 출처명세서(찾아가는 법 찾기).zip(2025.6.4)

오늘도 북한 김수키(Kimsuky)에서 만든 악성코드인 미신고 자금 출처명세서(찾아가는 법 찾기).zip(2025.6.4)에 대해 알아보겠습니다. 일단 대충 견적을 보면 이메일로 피해자를 담그려고 한 것 같은 느낌이 듭니다.파일명: 미신고 자금 출처명세서(찾아가는 법 찾기).zip사이즈:1 MBMD5:e2328974ecc81be06619bbd06ebfacb4SHA-1:f1aa607507e97cf2dee3d3059d3b2b1e73e04087SHA-256:b24b1aa0a95e1c1a594bd8b34877fa156106bc0c41a4022ab7c4d3a9d6edfaa3압축 파일 내용첨부2.과세표준수정신고서 및 추가자진납부계산서(국세기본법 시행규칙)첨부1.취득자금 소명대상 금액의 출처 확인서(국제조세조정에 관..

꿈을꾸는 파랑새