Lazarus Group
Affiliations
This threat actor targets and compromises entities primarily in South Korea and South Korean interests for espionage, disruption, and destruction. It has also been known to conduct cyber operations for financial gain, including targeting cryptocurrency exchanges. In 2018, the U.S. Department of Homeland Security issued a malware analysis report on a tool called Typeframe used by the Lazarus Group. In September 2018, the U.S. Department of Justice criminally charged and sanctioned Park Jin-hyok and Chosun Expo Joint Venture, alleged members of this threat actor.
Suspected victims
  • South Korea
  • Bangladesh Bank
  • Sony Pictures Entertainment
  • United States
Suspected state sponsor
  • Korea (Democratic People's Republic of)
Type of incident
  • Espionage
Target category
  • Government
  • Private sector