Silent Push Pivots into New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks
2025-02-25 • Silent Push
Silent Push linked fresh Lazarus infrastructure to the February 2025 Bybit theft, including bybit-assessment[.]com, which it says was registered hours before the $1.4 billion heist. The domain's WHOIS data tied it to trevorgreer9312@gmail[.]com, a persona and GitHub identity also seen in earlier BlueNoroff research. Analysts pivoted from api.nvidia-release[.]org and Tayvano's public research into active infrastructure, found 27 Astrill VPN IPs in test records, and described continued fake job-interview lures aimed at cryptocurrency users.
Indicators of Compromise