North Korean threat actor Lazarus Group has been observed by security researchers deploying a Windows rootkit. The rootkit has been deployed by exploiting a Dell firmware driver, the researchers say. ESET was the first to detect this addition to the group’s constantly evolving techniques. According to ESET the campaign was

Notorious North Korean-associated hacking group Lazarus has been identified in a new campaign weaponizing legitimate open-source software. The software is being leverages by the group to target employees in organizations across multiple industries and countries. Microsoft’s Threat Intelligence Center recently published an advisory regarding the threat on Thursday. The report

New information has led researchers to believe that the Lazarus threat actor group has expanded its campaign leveraging fake job opportunities to lure cryptocurrency professionals. The fake job profiles have been extended to cryptocurrency exchanges that mislead job seekers into downloading malware. The attack is targeting macOS users, according to

North Korean advanced persistent threat actor Lazarus is leveraging the current popularity of the blockchain and cryptocurrency industry to target organizations and individuals running Apple and Intel-based systems. The cyber espionage campaign recently identified consists of Lazarus deploying fake job postings for Coinbase. The job posting contains a malicious Mac

Security researchers at Trellix discovered new VHD ransomware linked to North Korea’s Lazarus group. Although the researchers suspect that the malware has been around since March 2020, it has never been tied to a group. Researchers at Trellix examined source code and Bitcoin transactions to link the ransomware to the

Recent attacks against security researchers have been linked to North Korean APT ZINC, an affiliate of the notorious Lazarus group. New details have emerged on the attack, describing how the APT exploited Visual Studio, a Microsoft product, to infect systems with malware now known to be the comebacker malware variant.

The APT Lazarus Group and other threat actors have allegedly been actively trying to steal COVID-19 research, likely to speed up their own countries’ vaccine development efforts. Lazarus is likely seeking to steal intellectual property to report back to North Korea, according to Kaspersky researchers. Lazarus recently attacked both a

McAfee security researchers first released detailed information on Operation North Star earlier this year, highlighting the campaigns conducted by Lazarus Group (Hidden Cobra) targeting defense and aerospace companies in a social engineering and phishing campaign. McAfee’s coverage showed that the campaign was larger than previously thought. In the McAfee report,

Yesterday, newly published nalysis from the security firm Intel 471 uncovered links between North Korea’s Lazarus Group and Russian-speaking cybercriminals. The report pinpoints links between the two organizations through examining years of security incidents. The conclusion, however, depends on two popular and generally accepted assumptions: that the Trickbot, TA505, and

North Korean hacking group known as Lazarus has allegedly launched several cyber campaigns that aim to raise finances for the country’s missile program. Last week, the US government issued a warning about how the group was currently targeting banks in several different countries. Cybersecurity experts believe that these ventures bring