June 23, 2021


Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

New DDoS extortion attacks detected as Fancy Lazarus group returns

Security researchers are tracking new DDoS extortion activity by threat actor group Fancy Lazarus. The attacks have been primarily targeting US and global organizations from a range of sectors including energy, financial, insurance, manufacturing, public utilities and retail.

The group – which formerly used monikers such as Fancy Bear, Lazarus, Lazarus Group, and Armada Collective, among others – went on hiatus for around a month from April to May 2021 following a campaign of ransom DDoS attacks against global financial institutions and organizations that started in mid-to-late August 2020. “In each case the threat actor demanded bitcoin payment or else a small-scale denial-of-service attack would be launched with a more substantial attack mere days later,” Proofpoint researchers explained in a blog posting. Now, the group has resurfaced with a new name and changes in its tactics, techniques and procedures (TTPs).

To read this article in full, please click here