Rare APT Collaboration Emerges Between Russia and North Korea
techrepublic.comResearchers say Russia’s Gamaredon and North Korea’s Lazarus may be sharing infrastructure — a rare APT collaboration.
A new discovery from Gen Threat Labs indicates that Russia’s Gamaredon and North Korea’s Lazarus may be sharing operational infrastructure — a rare and concerning sign of cooperation between state-sponsored threat actors.
Early analysis shows activity from both threat actors on the same server within days, a convergence researchers describe as “too close to ignore.”
“These partnerships demonstrate a growing trend of resource sharing and tactical alignment within national ecosystems, amplifying the reach and resilience of state-sponsored campaigns,” researchers wrote in a blog post.
Inside the shared infrastructure linking two APTs
On July 28, 2025, Gen’s internal monitoring systems flagged a known Gamaredon command-and-control (C2) address — 144[.]172[.]112[.]106 — after detecting activity tied to the group’s Telegram and Telegraph-based infrastructure.
Four ...
Copyright of this story solely belongs to techrepublic.com . To see the full text click HERE