Skip to content

Lazarus & Watering-hole Attacks

Author

BAE Systems, Threat Research Team

Published

13 February 2017

An outline and analysis of a series of attacks directed at Polish financial institutions based on a recent article from badcyber.com and our own additional findings.

On 3rd February 2017, researchers at badcyber.com released an article that detailed a series of attacks directed at Polish financial institutions.

The article is brief, but states that "This is – by far – the most serious information security incident we have seen in Poland" followed by a claim that over 20 commercial banks had been confirmed as victims.

This report provides an outline of the attacks based on what was shared in the article, and our own additional findings.

Analysis

As stated in the blog, the attacks are suspected of originating from the website of the Polish Financial Supervision Authority (knf.gov[.]pl), shown below...

Read in full on our Threat Research Blog

Related stories

Showing 340 results

16 April 2026 INSIGHT

Cross Domain is the glue between the five operational domains

The latest in our Power of Perspective series. Richard Byng, Head of Cross Domain at BAE Systems Digital Intelligence, explains how Cross Domain enables collaboration without compromising security

Undersea infrastructure protection: Defending the hidden arteries of our digital world

09 April 2026 INSIGHT

Undersea infrastructure protection: defending the hidden arteries of our digital world

Subsea cables are the unseen arteries of our global economy and modern way of life. This vast, submerged network carries the data that fuels our businesses, connects our communities and supports our national security.

27 March 2026 INSIGHT

The rise of hybrid UAS: part two – countering the threat through integrated solutions

The second of a two-part blog series, we look at how to counter the growing threat from uncrewed aerial vehicles (UAVs) and uncrewed aerial systems (UAS).

Henry's perspective

24 March 2026 INSIGHT

Purposeful AI matters now more than ever

The latest in our Power of Perspective series. Henry Tse, Head of Global Products at BAE Systems Digital Intelligence, shares an update on how our customers can get the most out of Artificial Intelligence (AI).

23 March 2026 INSIGHT

AUKUS ‘Pillar 2’: Enhancing collective cyber capabilities

We examine the opportunities cyber could bring to the AUKUS partnership, from strengthening national resilience to protecting critical systems

Ghost in the fight image

18 March 2026 INSIGHT

AI-enabled Electromagnetic Warfare – finding and stopping threats dynamically

Electromagnetic Warfare (EW) can be as important to defence as munitions. Unless you can get your uncrewed air system to its destination or transmit the intelligence it gathers, your mission will fail. Conversely, if you can deny enemy drones from your own airspace, then you have a crucial advantage.

Get in touch

BAE Systems, Threat Research Team