The hackers that released troves of private information about Sony Pictures in 2014 are still on the attack, according to a new report from a collection of cybersecurity firms.
The attackers have been named the “Lazarus Group” by the cybersecurity collective, which includes Novetta and Symantec Corp. By analyzing the malware used in the Sony hack, researchers have been able to trace the group’s activities using similar code around the world. The Lazarus Group was also behind a large attack on South Korean TV stations in 2013, as well as ongoing attacks on government, financial and media institutions in the U.S. and Asia. The researchers say they detected activity by the cybercrime group as recently as last week.
The U.S. has blamed the Sony Pictures hack on North Korea. The cybersecurity firms didn’t say outright that the country was responsible, but they did note that many of the Lazarus Group’s attacks center on South Korea and that their typical hours of operation match working hours in North Korea’s time zone.
“We believe the U.S. government assertion that [the Sony attack] was the work of a nation-state is far more likely than this being the work of a hacktivist group or a vindictive former employee,” Novetta CEO Peter LaMontagne said.
More Must-Reads from TIME
- Introducing the 2024 TIME100 Next
- The Reinvention of J.D. Vance
- How to Survive Election Season Without Losing Your Mind
- Welcome to the Golden Age of Scams
- Did the Pandemic Break Our Brains?
- The Many Lives of Jack Antonoff
- 33 True Crime Documentaries That Shaped the Genre
- Why Gut Health Issues Are More Common in Women
Contact us at letters@time.com