Fluid Attacks links Lazarus to North Korea’s Reconnaissance General Bureau and describes the group as a state-sponsored operation active since at least 2009. The article says recent North Korean campaigns targeted South Korean government officials, financial institutions, banking organizations, KISA, foreign-affairs offices, universities, and nuclear-related international organizations. It also summarizes Lazarus activity against Sony, international banks, cryptocurrency companies, WannaCry victims, and the Bangladesh Central Bank, tying these operations to espionage, disruption, ransomware, and financially motivated theft. The excerpt distinguishes Lazarus subdivisions including Andariel, which it says has focused on South Korean entities and attempted theft of bank-card data through ATM intrusions, and Bluenoroff, which is described as financially motivated.