APT-C-26 (Lazarus) Continues to Upgrade Its Attack Tools, Using Electron Applications to Target the Cryptocurrency Industry
2025-01-20 • Qihoo360
360 describes APT-C-26, also tracked as Lazarus, using Electron-packaged malicious applications against cryptocurrency users and organizations. The campaign reportedly poisoned a uniswap-sniper-bot project and delivered an installer masquerading as an automated trading tool, which then downloaded and executed malicious code to steal sensitive information. The activity aligns with Lazarus financial targeting and software supply-chain style lures against the cryptocurrency sector.
Indicators of Compromise