The hackers that released troves of private information about Sony Pictures in 2014 are still on the attack, according to a new report from a collection of cybersecurity firms.
The attackers have been named the “Lazarus Group” by the cybersecurity collective, which includes Novetta and Symantec Corp. By analyzing the malware used in the Sony hack, researchers have been able to trace the group’s activities using similar code around the world. The Lazarus Group was also behind a large attack on South Korean TV stations in 2013, as well as ongoing attacks on government, financial and media institutions in the U.S. and Asia. The researchers say they detected activity by the cybercrime group as recently as last week.
The U.S. has blamed the Sony Pictures hack on North Korea. The cybersecurity firms didn’t say outright that the country was responsible, but they did note that many of the Lazarus Group’s attacks center on South Korea and that their typical hours of operation match working hours in North Korea’s time zone.
“We believe the U.S. government assertion that [the Sony attack] was the work of a nation-state is far more likely than this being the work of a hacktivist group or a vindictive former employee,” Novetta CEO Peter LaMontagne said.
More Must-Reads from TIME
- Donald Trump Is TIME's 2024 Person of the Year
- Why We Chose Trump as Person of the Year
- Is Intermittent Fasting Good or Bad for You?
- The 100 Must-Read Books of 2024
- The 20 Best Christmas TV Episodes
- Column: If Optimism Feels Ridiculous Now, Try Hope
- The Future of Climate Action Is Trade Policy
- Merle Bombardieri Is Helping People Make the Baby Decision
Contact us at letters@time.com