- Security Assessment
- Red Teaming
- Compliance Audit
- Pre-IR Assessment
- Compromise Assessment
- Cyber Education
- GIB Crypto
Indicators of compromise to check if your organisation was, or is, under attack by Lazarus
Detailed description of infrastructure used by Lazarus to cover up tracks leading to North Korea
In-depth analysis of tools that allowed attackers to stay unnoticed in the corporate infrastructure
Tactics, Techniques, Procedures (TTPs) and recommendations on how to prevent infection
Due to continued media attention and alleged connections to North Korea, Lazarus has become a well‑known hacking group. However, existing attribution based primarily on malware code similarities is not always reliable.
Group-IB identified new non-malware evidence of North Korean involvement in recent attacks, revealing their chain of anonymized nodes and C&C infrastructure — allowing better understanding of their goals and motivation. This report contains an in-depth review of North Korean cyber division tools and tactics as well as recommendations on how to track their involvement in recent attacks on financial institutions and other critical infrastructure.
Chief Technical Officer, Сo‑founder Group‑IB
Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.
Аctionable, finished intelligence to track actors and prevent attacks before they happen
Comprehensive solution to protect corporate network, hunt for threats and respond to even the most complex cyber attacks
Client-side digital identity protection and fraud prevention in real time
AI-driven online platform for external digital risk identification and mitigation
The well-known complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®