Lazarus Group Uses React-Based Admin Panel to Manage Global Cyber Attacks



January 29, 2025Red LakshmananIntelligence threats / malicious software


The North Korean threat actor known as the Lazarus Group has been observed using a web-based administrative platform to manage its command-and-control (C2) infrastructure, giving the adversary centralized control over all aspects of its campaigns.

“Each C2 server hosted a web administrative platform built with React and a Node.js API,” SecurityScorecard’s STRIKE team said in a new report shared with The Hacker News. “This administrative layer was consistent across all analyzed C2 servers, even when the attackers changed their payloads and methods of aggravation for evasion.”


The hidden framework has been described as a comprehensive system and hub that allows the attackers to organize and manage exfiltrated data, maintain oversight of compromised hosts, and handle payload delivery.

The web-based admin panel was identified in connection with a supply chain attack campaign called “Operation Phantom Circuit”, aimed at the cryptocurrency sector and developers around the world with trojanized versions of legitimate software packages.

The campaign, which ran from September 2024 to January 2025, is estimated to have claimed 233 victims around the world, with victims identified in Brazil, France and India. In January alone, the activity targeted 110 unique victims in India.


The Lazarus Group has become something of an expert at social engineering, luring prospective targets by using LinkedIn as an initial infection vector under the guise of lucrative job opportunities or collaboration on crypto projects.

The operation's links to Pyongyang stem from the use of Astrill VPN, which has previously been tied to the fraudulent information technology (IT) worker scheme, and from the discovery of six distinct North Korean IP addresses that initiated connections routed through Astrill VPN exit nodes and Oculus Proxy endpoints.


“As a result, stubborn traffic eventually reached the C2 infrastructure organized on Starting branches Servers. These servers contributed to the delivery of payloads, victim management and the expansion of data,” said SecurityScorecard.

Further analysis of the admin component showed that it allows the threat actor to view victim data, and to search and filter for data of interest.

“Having built the embarrassed scraps into legitimate software packages, Lazarus cheated users into compromised applications, allowing them to allocate sensitive data and manage the victims through command-and-control (C2) servers over port 1224,” the company said.

“The campaign’s infrastructure uses hidden administration panels based on React and Node.js APIs for centralized management of data, affecting more than 233 victims worldwide and intermediate trusts.”
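For defenders, the one network-level detail the report gives is C2 traffic over port 1224. The following added example (not from SecurityScorecard or the original article) hunts for it in outbound flow records; the CSV layout, host names, addresses and internal ranges are constructed assumptions.

```python
import csv
import ipaddress
from collections import defaultdict

C2_PORT = 1224  # port named in the report quoted above
# Assumed internal ranges; replace with your own address plan.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample records: time,host,process,dst_ip,dst_port,bytes_out
SAMPLE_FLOWS = """\
2025-01-20T09:14:02Z,dev-laptop-07,node,203.0.113.45,1224,48211
2025-01-20T09:19:02Z,dev-laptop-07,node,203.0.113.45,1224,1022
2025-01-20T09:20:41Z,dev-laptop-07,chrome,198.51.100.9,443,5120
2025-01-20T10:02:13Z,build-01,python3,10.20.0.8,1224,300
2025-01-20T11:47:55Z,dev-laptop-12,node,203.0.113.45,1224,77120
not,a,valid,record
"""

def find_c2_candidates(text, port=C2_PORT):
    """Map (host, dst_ip) to flow count, bytes sent and processes seen."""
    hits = defaultdict(lambda: {"flows": 0, "bytes_out": 0, "processes": set()})
    for row in csv.reader(text.splitlines()):
        if len(row) != 6:
            continue  # malformed record
        _, host, proc, dst, dport, nbytes = row
        try:
            ip = ipaddress.ip_address(dst)
            dport, nbytes = int(dport), int(nbytes)
        except ValueError:
            continue
        if dport != port or any(ip in net for net in INTERNAL_NETS):
            continue  # wrong port, or an internal service that happens to use it
        entry = hits[(host, dst)]
        entry["flows"] += 1
        entry["bytes_out"] += nbytes
        entry["processes"].add(proc)
    return dict(hits)

def shared_destinations(hits):
    """Destinations contacted by more than one host are stronger C2 leads."""
    by_dst = defaultdict(set)
    for host, dst in hits:
        by_dst[dst].add(host)
    return {dst: sorted(hosts) for dst, hosts in by_dst.items() if len(hosts) > 1}

if __name__ == "__main__":
    hits = find_c2_candidates(SAMPLE_FLOWS)
    print(hits, shared_destinations(hits))
```

A port match alone is a lead, not a verdict; correlate hits with the process name and with recently installed packages on the host.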
