Russian state-sponsored advanced persistent threat operation Gamaredon and North Korean hacking collective Lazarus Group may have entered an alliance to facilitate global attacks following the discovery of shared infrastructure, GBHackers News reports.

Gamaredon's command-and-control servers had activity from a dubious IP address, which was later found to have been hosting Lazarus-linked InvisibleFerret malware, a report from Gen Threat Labs showed. Further analysis of the InvisibleFerret malware strain within the server revealed the same tooling and server structure as those leveraged in Lazarus' Contagious Interview attack campaign.

With the potential collaboration between Gamaredon and Lazarus likely to enable more clandestine threat operations and enhanced cyber offensive capabilities for both Russia and North Korea, organizations' security teams have been urged to implement threat detection techniques allowing multi-actor attribution. Aside from bolstering infrastructure correlation assessments and prioritizing intelligence sharing, network defenders should also adopt multi-layered cyber threat defenses, said researchers.




