Posts

Showing posts with the label Lazarus

The Lazarus Heist: Where Are They Now?

Introduction

The BBC World Service has recently produced The Lazarus Heist podcast (available here), researched and presented by Geoff White and Jean H. Lee. This thrilling podcast dives into the intricacies of the elaborate Bangladesh Bank heist attempt to steal $1 billion. As a security researcher who actively tracks the Lazarus group and any mentions of North Korean cyber activity, I found this podcast series was extremely detailed and well researched. There are so many additional info gems that anyone who has researched North Korea will enjoy. I also highly recommend it for any threat intelligence analysts investigating North Korean cyber activity.

The Lazarus Heist podcast also made me want to revisit what I have learned about North Korean advanced persistent threat (APT) groups. In February 2020, I blogged about who the Lazarus group is and what campaigns they are known for (see here). This was one of my first blogs and I was eager to learn more while resea...

Deep-Dive: The Lazarus Group

“The North Korean-based Lazarus Group is a state-sponsored hacking organization responsible for some of the costliest computer intrusions in history, including the cyber attack on Sony Pictures Entertainment, a series of attacks targeting banks across the world that collectively attempted to steal more than one billion dollars, and the WannaCry ransomware attack that affected tens of thousands of computer systems across the globe.” - Federal Bureau of Investigation, US Department of Justice.

Although it may seem unusual to those outside of the security industry, North Korea presents one of the greatest cyber threats on the global stage, to the financial sector, to critical infrastructure, to multinational conglomerates, and it will employ cyber-espionage and cyber-warfare against the regime's opposition. The main way security researchers and vendors track North Korean activity is through attributing attacks to the Lazarus advanced persistent threat (APT). However, this gr...