Seongsu Park
Last known affiliation: Kaspersky
Bio: Seongsu Park is a passionate researcher in malware research, threat intelligence, and incident response with over a decade of experience in cybersecurity. He has extensive experience researching malware and evolving attack vectors, and in threat intelligence, with a heavy focus on response to nation-state adversary attacks. He mostly tracks highly skilled Korean-speaking threat actors. He now works in the Kaspersky Global Research and Analysis Team (GReAT) as a lead security researcher and focuses on analyzing and tracking security threats in the APAC region.
Date: 2023-04-12
Perfect Smoke and Mirrors of Enemy: Following Lazarus group by tracking DeathNote campaign
Seongsu Park 🗣
Abstract
The prime suspect behind the Sony Pictures Entertainment cyberattack and the WannaCry outbreak is a hacker collective known as Lazarus Group, which has associations with the Pyongyang regime. This notorious adversary is one of the most active and dangerous hacking groups to date and is known to have conducted cyberattacks for financial profit and cyber espionage in the past. Lazarus is a prolific group with numerous malware clusters, one of which we dubbed DeathNote. After several years of tracking this cluster, we have been able to note its characteristics and latest tactics.