Daily News for Every Age

North Korean Lazarus hackers target global energy providers


The North Korean-linked Lazarus Group is running a malicious campaign against energy providers all over the world, including those in the United States, Canada, and Japan.

The group is said to be gaining access to enterprise networks by exploiting vulnerabilities in VMware products.



Other techniques include credential harvesting, disabling antivirus components, and Active Directory service reconnaissance.

To gain network access, the group is said to use custom malware, such as a bot and a Golang backdoor.

They are focusing on enterprise networks with the ultimate goal of establishing persistent access to support the North Korean government.
