Home / Posts with tag "ThreatNeedle"

ThreatNeedle

Lazarus targets defense industry with ThreatNeedle

25 February 2021

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.