Threatcast™: How RiskIQ Host Pairs Confirmed the Lazarus Group Attack on Polish Banking

  • Speaker(s): Gary Paluch, RiskIQ | Sam Curcuruto, RiskIQ

See an investigation of a recent attack against banking institutions.

In this Threatcast™, we break down a recent string of attacks against Polish banking institutions, which share traits with the 2014 assault on Sony Corp linked to the Lazarus Group.

The example we examine reveals how this attack on the Polish Financial Supervision Authority is part of a larger international hacking effort.

We run a live investigation of the attack and discuss key learnings including how:

  • Host Pair data sets were crucial to confirming relationships to the KNF site, which hosted the malicious iframe that pointed at two malicious URLs
  • RiskIQ virtual users provide an understanding of exactly what happens when a page is loaded, uncover stealthy attacks that happen behind the scenes, and speed up confirmation and mitigation of threats
  • Security teams can prevent and proactively investigate website compromises like this

Join us as Sam Curcuruto, Sr. Product Marketer, and Gary Paluch, Sr. Sales Engineer, take a deep dive into this attack.

Sam Curcuruto
Sr. Product Marketer

Gary Paluch
Sr. Sales Engineer
