Wired, February 24, 2016
The hackers crippled Sony in 2014 weren’t striking for the first time. New research indicates that these hackers are part of a prolific group that’s been active since at least 2009. The research was conducted by a coalition of security firms working independently and together include Kaspersky Lab, Symantec, AlienVault Labs, and Novetta. The researchers have identified more than 45 unique families of malware used by the Lazarus Group. The researchers found these malware families primarily through the attackers’ re-use of passwords, identical snippets of code, encryption keys, obfuscation methods for avoiding detection, command-and-control structures, and other telling code details and techniques.
