Sophistication: 95
First Seen: 2008
Notoriety: 85
Stealth: 92
Immersive Rating: 93
Impact: 94
Tactics Variety: 88

Lazarus Group

A North Korean state-linked threat group known for a blend of espionage, cyber-crime, and destructive operations. This group was behind major incidents, including the Sony Pictures hack and the WannaCry ransomware outbreak. Highly resourced, adaptive, and capable across financial theft, supply-chain compromise, and espionage.

Key behaviours to watch:

  • Spear-phishing delivering custom loaders (e.g., Manuscrypt, AppleJeus) for credential theft and remote access.
  • Long-term persistence using DLL side-loading, scheduled tasks, and compromised VPN accounts.
  • Financial operations involving crypto-exchange compromise, mixer abuse, and multi-stage laundering chains.

Immersive coverage includes:

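R00TK1T ISC CyberTeam
Sophistication: 40, First Seen: 2023, Notoriety: 50, Stealth: 41, Immersive Rating: 55, Impact: 40, Tactics Variety: 42

Salt Typhoon
Sophistication: 95, First Seen: 2021, Notoriety: 89, Stealth: 98, Immersive Rating: 97, Impact: 94, Tactics Variety: 83

Sandworm Team
Sophistication: 95, First Seen: 2009, Notoriety: 86, Stealth: 96, Immersive Rating: 96, Impact: 97, Tactics Variety: 89

Scattered Spider
Sophistication: 85, First Seen: 2022, Notoriety: 90, Stealth: 77, Immersive Rating: 86, Impact: 90, Tactics Variety: 48

Sector 16
Sophistication: 57, First Seen: 2025, Notoriety: 41, Stealth: 59, Immersive Rating: 51, Impact: 45, Tactics Variety: 66

SocGhoulish
Sophistication: 48, First Seen: 2018, Notoriety: 50, Stealth: 53, Immersive Rating: 63, Impact: 66, Tactics Variety: 68

StrongPity
Sophistication: 75, First Seen: 2012, Notoriety: 50, Stealth: 55, Immersive Rating: 42, Impact: 60, Tactics Variety: 70

Transparent Tribe
Sophistication: 70, First Seen: 2013, Notoriety: 65, Stealth: 68, Immersive Rating: 45, Impact: 67, Tactics Variety: 64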