JAKARTA - Kaspersky's Global Research and Analysis Team (GReAT) discovered a new APT campaign by the Lazarus group, in which malware was distributed through legitimate software.

Kaspersky's GReAT team identified that this series of cyber incidents was designed to encrypt web communications using digital certificates.

According to the team, even though the vulnerabilities had been reported and patched, many organizations still used old versions of the software, which became an entry point for the Lazarus group.

"The Lazarus group's continued activities are a testament to their advanced capabilities and unwavering motives. They operate on a global scale, targeting various industries with a variety of methods," said Seongsu Park, Principal Security Researcher on Kaspersky's Global Research and Analysis Team, in a statement received.

The Lazarus group demonstrated a high level of sophistication, using advanced evasion techniques and deploying the "SIGNBT" malware to control victims.

 

They also used the LPEClient tool, malware that acts as a starting point for infection and plays a critical role in profiling victims and delivering the payload.

Further investigation revealed that the Lazarus malware had targeted its initial victims, software vendors, several times before.

This recurring attack pattern suggests a determined and focused adversary, likely aiming to steal critical source code or disrupt the software supply chain.

"This indicates an ongoing and growing threat that requires higher vigilance," concluded Park.

