Security researchers are tracking new DDoS extortion activity by threat actor group Fancy Lazarus. The attacks have been primarily targeting US and global organizations from a range of sectors including energy, financial, insurance, manufacturing, public utilities and retail.
[ Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust incident response plan. | Sign up for CSO newsletters. ]The group – which formerly used monikers such as Fancy Bear, Lazarus, Lazarus Group, and Armada Collective, among others – went on hiatus for around a month from April to May 2021 following a campaign of ransom DDoS attacks against global financial institutions and organizations that started in mid-to-late August 2020. “In each case the threat actor demanded bitcoin payment or else a small-scale denial-of-service attack would be launched with a more substantial attack mere days later,” Proofpoint researchers explained in a blog posting. Now, the group has resurfaced with a new name and changes in its tactics, techniques and procedures (TTPs).
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
