ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > LazyScripter

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: LazyScripter

NamesLazyScripter (Malwarebytes)
Country[Unknown]
MotivationInformation theft and espionage
First seen2018
Description(Malwarebytes) Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth analysis of the tactics, techniques, procedures, and infrastructure employed by this actor group.
ObservedSectors: Aviation.
Countries: Canada.
Tools usedAdwind, EmpireProject, Empoder, Invoke-Ngrok, Koadic, KOCTOPUS, Luminosity RAT, Nishang, njRAT, Octopus, QuasarRAT, RemcosRAT, RMS.
Information<https://resources.malwarebytes.com/files/2021/02/LazyScripter.pdf>
MITRE ATT&CK<https://attack.mitre.org/groups/G0140/>

Last change to this card: 30 December 2022

Download this actor card in PDF or JSON format

Previous: Subgroup: Bluenoroff, APT 38, Stardust Chollima
Next: Lead

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]