Positive Technologies uncovers a new APT group, Lazy Koala, targeting government entities

Published:

spot_img

Positive Technologies Discovers New APT Group Targeting Governments: Lazy Koala

Positive Technologies Expert Security Centre (PT ESC) has uncovered a new cybergroup named Lazy Koala, known for its simple yet effective attack techniques. The group has targeted organizations in Russia and six CIS countries, compromising approximately 867 employee accounts so far.

The attacks primarily focused on government, financial, medical, and educational institutions in Russia, Belarus, Kazakhstan, Uzbekistan, Kyrgyzstan, Tajikistan, and Armenia. The main objective of the attackers was to steal accounts from government organization employees to use in further attacks on internal structures or sell on the dark web.

Lazy Koala stands out for its basic techniques and the use of a primitive password stealer malware distributed through phishing. Denis Kuvshinov, Head of Threat Analysis at PT ESC, emphasized that the group’s motto is “harder doesn’t mean better,” as they achieve their goals without complex tools or tactics.

To combat such attacks, users are advised to avoid opening suspicious messages or links, download software from trusted sources, and stay informed about phishing techniques. Specialized security tools like MaxPatrol SIEM, PT NAD, and PT Sandbox can help detect and prevent data theft events and malicious activities associated with Lazy Koala.

Overall, the discovery of Lazy Koala highlights the ongoing threat of cyberattacks and the importance of proactive cybersecurity measures to safeguard sensitive information and infrastructure.

spot_img

Related articles

Recent articles

In Other News: Canadian Hacker Jailed, 14 Million Affected by KDDI Data Breach, Two Sentenced for ATM Jackpotting

In Other News: Canadian Hacker Jailed, 14 Million Affected by KDDI Data Breach, Two Sentenced for ATM Jackpotting In recent cybersecurity developments, significant incidents have...

In Kinshasa, President Tshisekedi Accelerates Ebola Response as President Ramaphosa Promotes African Solidarity

In Kinshasa, President Tshisekedi Accelerates Ebola Response as President Ramaphosa Promotes African Solidarity In a significant move to combat the ongoing Ebola outbreak, President Félix...

North Korea-Linked npm Packages Masquerade as Rollup Polyfills to Exfiltrate Developer Secrets

North Korea-Linked npm Packages Masquerade as Rollup Polyfills to Exfiltrate Developer Secrets Recent cybersecurity developments have revealed a new wave of malicious npm packages linked...

UK’s National Cyber Action Plan Delayed Amid Labour Leadership Crisis

UK's National Cyber Action Plan Delayed Amid Labour Leadership Crisis Britain's National Cyber Action Plan, a crucial initiative aimed at bolstering the economy against state-sponsored...