Who is Lazarus Group?

Lazarus Group is a threat actor attributed to KP, also known as Appleworm, TA404, Operation AppleJeus. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Lazarus Group exploit?

Specific CVE exploitation data for Lazarus Group is being tracked. Check the Strobes VI threat actor profile for updates.

Lazarus Group

Also known as: Appleworm, TA404, Operation AppleJeus, Unit 121, Diamond Sleet, Andariel, G0032, Group 77, Operation Troy, Bluenoroff, Hastati Group, NewRomanic Cyber Army Team, Stardust Chollima, Citrine Sleet, APT-C-26, ZINC, ATK117, NICKEL GLADSTONE, Black Artemis, Sapphire Sleet, Labyrinth Chollima, Operation DarkSeoul, Lazarus group, Bureau 121, COPERNICIUM, DEV-0139, G0082, Subgroup: Bluenoroff, Moonstone Sleet, APT38, DEV-1222, APT 38, ATK3, COVELLITE, BeagleBoyz, Dark Seoul, Operation GhostSecret, Zinc, Whois Hacking Team, Nickel Academy, Hidden Cobra

Exploited CVEs

Overview

Since 2009, HIDDEN COBRA actors have leveraged their capabilities to target and compromise a range of victims; some intrusions have resulted in the exfiltration of data while others have been disruptive in nature. Commercial reporting has referred to this activity as Lazarus Group and Guardians of Peace. Tools and capabilities used by HIDDEN COBRA actors include DDoS botnets, keyloggers, remote access tools (RATs), and wiper malware. Variants of malware and tools used by HIDDEN COBRA actors include Destover, Duuzer, and Hangman.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions