Names | LazyScripter (Malwarebytes) | |
Country | [Unknown] | |
Motivation | Information theft and espionage | |
First seen | 2018 | |
Description | (Malwarebytes) Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth analysis of the tactics, techniques, procedures, and infrastructure employed by this actor group. | |
Observed | Sectors: Aviation. Countries: Canada. | |
Tools used | Adwind, EmpireProject, Empoder, Invoke-Ngrok, Koadic, KOCTOPUS, Luminosity RAT, Nishang, njRAT, Octopus, QuasarRAT, RemcosRAT, RMS. | |
Information | <https://resources.malwarebytes.com/files/2021/02/LazyScripter.pdf> | |
MITRE ATT&CK | <https://attack.mitre.org/groups/G0140/> |
Last change to this card: 30 December 2022
Download this actor card in PDF or JSON format
Previous: Subgroup: Bluenoroff, APT 38, Stardust Chollima
Next: Lead
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |