North Korean nation-state threat actor using Play ransomware

A North Korean state-sponsored threat actor is suspected of collaborating with the Play ransomware gang in a September cyberattack, Palo Alto Networks Unit 42 reported Wednesday. The group tracked by Unit 42 as Jumpy Pisces, also known as Andariel, Onyx Sleet and Stonefly, made initial access via a compromised account in May 2024 and then deployed open-source and custom tools for lateral movement and persistence.

Source: SC Magazine

 


Date:

Categorie(s):

Tag(s):