APT38-Lazarus-Threat-Analysis-Report-from-ADEO

ADEO APT38 Lazarus Threat Analysis Report

This report explains how North Korean state sponsored APT group known as Lazarus / APT38 (a.k.a Hidden Cobra) targeted Turkey’s financial sector. This group was seen targeting various critical sectors across the world, but the group’s special interest in finance can be explained with their effort to overcome the sanctions applied to North Korean government.

In year 2019 we noticed that they have been targeting financial institutions in EMEA region as well as in Turkey. However, this is not the first time Lazarus is seen orchestrating financially motivated attacks. The infamous Bangladesh Bank Heist2 was their biggest financially motivated attack yet where they managed to steal more than $80 Million. Fortunately, none of the attacks against Turkey resulted in such disaster.

The activities that are explained in this report are the results of one of our compromise assessments projects that was performed for a financial organization in 2019.