Lazarus Group Uses Hidden Layer for Cyber Attacks
💻👻 North Korea’s Lazarus Group Employs Sophisticated Admin Layer in Cyber Attacks. An investigation by SecurityScorecard has revealed that North Korea’s Lazarus Group is using a hidden administrative layer, dubbed “Phantom Circuit,” to manage its command-and-control (C2) infrastructure for global cyber attacks targeting cryptocurrency entities and software developers. This infrastructure allows Lazarus to oversee compromised systems, control malware delivery, and exfiltrate data efficiently. The group has been posing as recruiters to lure developers into executing malicious code, resulting in over 230 victims downloading harmful payloads. SecurityScorecard’s findings indicate that the group’s dual motivations are cryptocurrency theft and corporate network infiltration, and that it has sophisticated operational security measures in place to obscure the trail of its activities back to Pyongyang.
