Some financially motivated cyber-attacks previously attributed to the infamous Lazarus Group are actually the work of another North Korean state-sponsored threat group, according to FireEye.
The vendor’s latest report details the activities of APT38: a “large, prolific operation with extensive resources” that has already attempted to steal over $1bn from 16 organizations in at least 11 countries, many simultaneously.
Although the group may share personnel, code repositories and other resources with Lazarus and the TEMP.Hermit group, APT38’s TTPs are distinct and its aim is primarily to steal money for the hermit nation rather than carry out politically motivated espionage or destructive attacks, the report claimed.
By Phil Muncaster
To read the full article click here.