Sony Pictures Entertainment

#BlockBuster • 2014-12

🇺🇸 United States

The Sony Pictures Entertainment attack involved Lazarus-linked Blockbuster malware with dropper, proxy, cleanup, credential-based lateral movement, C2 log reporting, and destructive disk/file wiping components. Evidence from Operation Blockbuster connected the SPE malware set to a wider Lazarus cluster through code reuse, shared implementation quirks, self-delete behavior, reused resources and passwords, and overlapping malware families spanning financial, media, manufacturing, Sony Pictures, and South Korean targets.

Related Actors

Related Reports

2022-05-25
Prelude
#APT38 #Blockbuster
2021-04-25
BBC
#Blockbuster #Podcast #Lazarus
2021-04-18
BBC
#Blockbuster #Podcast #Lazarus
2021-02-17
USJustice
#News #WannaCry #Blockbuster #BangSwift #NiceHash #FEIB #Bancomext #Bithumb2 #NigerianBank #TPBank #BankofValletta #KNF #BankIslami #OnlineCasino #Indodax #MarineChain #NYFSC
2018-11-01
Ahnlab
#Blockbuster #CoinRush #BigPond #MysteryDot #RedDot #Slides
2018-09-06
USJustice
#WannaCry #Blockbuster #BangSwift
2017-12-12
Intezer
#Blockbuster #Lazarus
2017-11-20
Paloalto Networks
#Blockbuster #Mobile
2017-08-14
Paloalto Networks
#Blockbuster
2017-04-07
Paloalto Networks
#Blockbuster #Lazarus
2016-02-24
Cisco Talos
#Blockbuster #Group77 #Lazarus
2016-02-24
Novetta
#Whitepaper #Blockbuster #Lazarus
2016-02-24
Blue Coat
#Blockbuster #SilentChollima #DarkSeoul #Destover
2016-02-24
Kaspersky
#Blockbuster #Lazarus
2014-12-28
piyokango
#Blockbuster
« Back