年度报告 | 2022年APT活动分析报告

2023-04-13 Threat Book Annual Report | 2022 APT Activity Analysis Report

https://app.ma.scrmtech.com/resources/ResourcePc/ResourcePcInfo?pf_uid=15831_1728&id=43127&source=1&pf_type=3&channel_id=28416&channel_name=%E5%BE%AE%E6%AD%A5%E5%AE%98%E7%BD%91-%E6%8A%A5%E5%91%8A%E9%A1%B5&tag_id=f73e5071434d81b6

Attachments

2022_APT_Activity_Analysis_Report_threatbook.pdf (11 MB)

Thumbnail for 年度报告 | 2022年APT活动分析报告

ThreatBook's 2022 APT activity report includes a DPRK section covering Lazarus, Kimsuky, and Group123 alongside other regional threat actors. Its Lazarus case study focuses on poisoned IDA Pro 7.5 installers aimed at security researchers, where a malicious win_fw.dll component creates a scheduled task and launches idahelper.dll to decrypt C2 addresses and download later payloads. The broader report treats the activity as part of 2022 state backed APT operations affecting government, financial, diplomatic, military, and energy targets.

Related Reports

« Back