Threat Research

    Inside DPRK Operations: New Lazarus and Kimsuky Infrastructure Uncovered Across Global Campaigns

    North Korean state-sponsored threat actors, including Lazarus and Kimsuky, continue to operate at a global scale, conducting espionage, financial crime, and access-driven attacks. While their malware, lures, and objectives evolve, these groups consistently reuse infrastructure such as IP addresses, certificates, open directories, and shared tooling....
    12/26/2025  0
    Read More »

    Lazarus Group's ScoringMathTea RAT

    ScoringMathTea is a newly uncovered C++ Remote Access Trojan used by North Korea’s Lazarus Group in a fresh phase of Operation DreamJob, targeting defense contractors supporting Ukraine to steal sensitive UAV technology....
    12/2/2025  0
    Read More »

    Gotta Fly: Lazarus Targets the UAV Sector

    North Korea-linked Lazarus Group has launched a new wave of Operation DreamJob, targeting European defense companies involved in unmanned aerial vehicle (UAV) development. The campaign uses trojanized open-source GitHub projects and the ScoringMathTea malware to steal proprietary data and manufacturing know-how....
    10/31/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.