pascon_2023_KEYNOTE-6.pdf (2 MB)

KISA's presentation on Lazarus large-scale infection campaigns in 2023 analyzes operations involving financial security software exploitation. The material frames the incidents around initial access techniques, malware propagation, intrusion into internal networks, and attribution conclusions. It highlights a domino effect from exploiting software used in everyday Korean internet-banking workflows, including downloader behavior, registry-data decryption, memory injection, encrypted-file decryption, and abuse of Windows application event-log and stack-buffer-overflow conditions.