Skip to content

Hide Navigation Hide TOC

Lizar (65d46aab-b3ce-4f5b-b1fc-871db2573fa1)

Lizar is a modular remote access tool written using the .NET Framework that shares structural similarities to Carbanak. It has likely been used by FIN7 since at least February 2021.[BiZone Lizar May 2021][Threatpost Lizar May 2021][Gemini FIN7 Oct 2021]

Cluster A Galaxy A Cluster B Galaxy B Level
FIN7 (4348c510-50fc-4448-ab8d-c8cededd19ff) Tidal Groups Lizar (65d46aab-b3ce-4f5b-b1fc-871db2573fa1) Tidal Software 1
Bl00dy Ransomware Gang (393da13e-016c-41a3-9d89-b33173adecbf) Tidal Groups Lizar (65d46aab-b3ce-4f5b-b1fc-871db2573fa1) Tidal Software 1