Security News > 2021 > February > North Korean hackers find another new target: The defense industry

Kaspersky security researchers have found evidence that the North Korean hacking collective known as Lazarus has added another target to its list of victims: The defense industry, and companies in more than a dozen countries have already been affected.

As previously reported by TechRepublic, Lazarus started off 2021 by targeting security researchers with offers of collaborating on malware research, only to infect victims with malware that could cause the theft of sensitive security-related data.

Point3 Security strategist Chloé Messdaghi said the targeting of security researchers appeared to be an attempt to gain a foothold with people who have government connections, but the reason Lazarus was targeting them is unknown.

This latest attack aimed at defense industry companies is just the latest pivot for Lazarus, which has been active and dangerous since at least 2009, Kaspersky said.

Interestingly enough, said Kaspersky senior security researcher Seongsu Park, ThreatNeedle uses the same backdoor that targeted security researchers in early 2021.

"Not only were they able to overcome network segmentation, but they did extensive research to create highly personalized and effective spearphishing emails and built custom tools to extract the stolen information to a remote server. With industries still dealing with remote work and, thus, still more vulnerable, it is important that organizations take extra security precautions to safeguard against these types of advanced attacks," said Kaspersky security expert Vyacheslav Kopeytsev.

News URL

https://www.techrepublic.com/article/north-korean-hackers-find-another-new-target-the-defense-industry/#ftag=RSS56d97e7