Who is Lazarus Group?

Lazarus Group is a threat actor attributed to KP, also known as ZINC, DEV-1222, COVELLITE. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Lazarus Group exploit?

Specific CVE exploitation data for Lazarus Group is being tracked. Check the Strobes VI threat actor profile for updates.

Lazarus Group

Also known as: ZINC, DEV-1222, COVELLITE, Operation GhostSecret, ATK3, Nickel Academy, Diamond Sleet, Operation Troy, Unit 121, Hidden Cobra, Operation AppleJeus, ATK117, Moonstone Sleet, G0032, APT 38, Group 77, Dark Seoul, Subgroup: Bluenoroff, APT38, COPERNICIUM, Hastati Group, Appleworm, TA404, NICKEL GLADSTONE, G0082, Andariel, DEV-0139, Lazarus group, Labyrinth Chollima, Whois Hacking Team, Citrine Sleet, Bureau 121, Zinc, Operation DarkSeoul, APT-C-26, Stardust Chollima, Bluenoroff, NewRomanic Cyber Army Team, Sapphire Sleet, BeagleBoyz

Exploited CVEs

Overview

Since 2009, HIDDEN COBRA actors have leveraged their capabilities to target and compromise a range of victims; some intrusions have resulted in the exfiltration of data while others have been disruptive in nature. Commercial reporting has referred to this activity as Lazarus Group and Guardians of Peace. Tools and capabilities used by HIDDEN COBRA actors include DDoS botnets, keyloggers, remote access tools (RATs), and wiper malware. Variants of malware and tools used by HIDDEN COBRA actors include Destover, Duuzer, and Hangman.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions