- Security Assessment
- Red Teaming
- Pre-IR Assessment
- Compromise Assessment
- Brand Protection
- GIB Crypto
Indicators of compromise to check if your organisation was, or is, under attack by Lazarus
Detailed description of infrastructure used by Lazarus to cover up tracks leading to North Korea
In-depth analysis of tools that allowed attackers to stay unnoticed in the corporate infrastructure
Tactics, Techniques, Procedures (TTPs) and recommendations on how to prevent infection
Due to continued media attention and alleged connections to North Korea, Lazarus has become a well‑known hacking group. However, existing attribution based primarily on malware code similarities is not always reliable.
Group-IB identified new non-malware evidence of North Korean involvement in recent attacks, revealing their chain of anonymized nodes and C&C infrastructure — allowing better understanding of their goals and motivation. This report contains an in-depth review of North Korean cyber division tools and tactics as well as recommendations on how to track their involvement in recent attacks on financial institutions and other critical infrastructure.
Chief Technical Officer, Сo‑founder Group‑IB
Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.
Аctionable, finished intelligence to track actors and prevent attacks before they happen
Intelligence-driven network protection even from the most advanced attacks
Client-side fraud and attack prevention system for online banking, working across sessions, platforms and devices
Protection from bots, fraud and data leakage for e‑commerce and web portals