Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup
2025-03-25 • JPCERT
https://blogs.jpcert.or.jp/en/2025/03/classifying-lazaruss-subgroup.html
JPCERT/CC argues that Lazarus should be treated as a collection of overlapping subgroups rather than a single actor label, because shared tooling, infrastructure, and social-engineering tradecraft now blur campaign and group boundaries. The article explains why subgroup-level attribution matters for Japan: it enables more precise sector alerts, supports longer-term countermeasures and potential counter-operations, and signals defender visibility to the operators behind DPRK-linked activity. It highlights Moonstone Sleet, Gleaming Pisces/Citrine Sleet, and Contagious Interview as examples where similar LinkedIn/SNS lures, PyPI/npm packages, RAT lineages, and cryptocurrency or IT-worker objectives complicate classification. The report is important for DPRK tracking because it maps Lazarus-related labels, campaigns, and aliases while cautioning against overconfident attribution when TTPs overlap across subgroups.