Researchers with Check Point have uncovered the first-known North Korean cyber attack campaign that targets Russian businesses. North Korean hackers belonging to the notorious Lazarus Group have been targeting Russian firms with emails containing malicious Microsoft Office documents. If a recipient opens the attachment, malicious code is launched that installs the KEYMARBLE backdoor malware on the victim’s system.
The Lazarus Group is widely considered to be among the most dangerous hacking groups out there. While it has targeted numerous organizations across the globe, including Sony Pictures in 2014, the group has not gone after Russian firms until now, probably because of the relatively good relations between Russia and North Korea. Check Point’s researchers are therefore surprised by the new campaign, and have no direct explanation for why Lazarus Group has suddenly decided to go after Russian targets.
Read more: North Korea’s Lazarus Group Targets Russian Companies For First Time