Contact Us Resources Client Support

Lazarus & Watering-hole Attacks

An outline and analysis of a series of attacks directed at Polish financial institutions based on a recent article from badcyber.com and our own additional findings.
Lazarus Watering-hole Attacks On 3rd February 2017, researchers at badcyber.com released an article that detailed a series of attacks directed at Polish financial institutions.
 
The article is brief, but states that "This is – by far – the most serious information security incident we have seen in Poland" followed by a claim that over 20 commercial banks had been confirmed as victims.
 
This report provides an outline of the attacks based on what was shared in the article, and our own additional findings.

 

 

Analysis

As stated in the blog, the attacks are suspected of originating from the website of the Polish Financial Supervision Authority (knf.gov[.]pl), shown below...
 
 
top
BAE Systems, Threat Research Team 13 February 2017

Related stories

Taiwan Heist
Security Research
Taiwan Heist: Lazarus Tools and Ransomware
Wanacrypt0r Ransomworm
Security Research
WanaCrypt0r Ransomworm
Operation Cloud Hopper
Security Research
APT10 - Operation Cloud Hopper
Bank Heist Money Laundering
Financial Crime
As money laundering scams go, the Bangladesh Bank heist wasn't that...
Cyber Heist Attribution
Security Research
Cyber Heist Attribution​
Two bytes to $951m
Security Research
Two bytes to $951m
ASUS blog
Security Research
Multiple vulnerabilities affecting several ASUS
Testing your defences against SQL injection
Security Research
Testing your defences against SQL injection
Cryptolocker
Security Research
A Bumper Harvest - Cryptolocker Address Book Theft
Peering into Dyre's Traffic
Security Research
Peering into Dyre's Traffic
New Mac Malware OS Malware Exploits MacKeeper
Security Research
New Mac OS Malware Exploits MacKeeper
PHP Escapeshellorg
Security Research
Security issues with using PHP's escapeshellarg