07-29-2020 , 05:35 PM
Quote:Kaspersky researchers have traced VHD ransomware, first discussed in public in the Spring of 2020, to Lazarus, a prominent North-Korean APT group, the company announced on Tuesday.
According to Kaspersky, the move by Lazarus to create and distribute ransomware, signifies a change of strategy and indicates a readiness to pursue cyber attacks for financial gain, which researchers say is highly unusual among state-sponsored APT groups.
In March and April 2020, a few cybersecurity organizations, including Kaspersky, reported on VHD ransomware – a malicious program designed to extort money from its victims, which stood out due to its self-replication method.
While, at the time, the actor behind the attacks was not determined, Kaspersky researchers linked the VHD ransomware to Lazarus with high confidence following analysis of an incident where it was used in close conjunction with known Lazarus tools against businesses in France and Asia.
( Continur Reading Article ).