Date of report
- February 2021
Affiliations
North Korean APT Lazarus Group used a custom backdoor dubbed ThreatNeedle to laterally move through infected defense firm networks and gather sensitive information in over a dozen countries. The actor achieved initial entry to victim networks through spear-phishing emails with malicious attachments or links.
Suspected victims
- Defense firms in more than a dozen countries
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Espionage
Target category
- Private sector