Researchers obtain a command server used by North Korean hacker group
Researchers with McAfee have conducted new research on Operation Sharpshooter, a global attack campaign the researchers link to the notorious North Korean hacking group known as Lazarus. A US government agency made the McAfee research possible by providing the company with access to an Operation Sharpshooter command and control (C2) server.
According to the report, the threat actors used the C2 server to target government agencies and telcos across the globe with backdoor malware dubbed ‘Rising Sun’, which allowed them to spy on targets and steal data. While the researchers already suspected Lazarus to be behind Operation Sharpshooter, they didn’t have conclusive evidence until now.