DPRK hackers use South Korean servers and Google Drive to hide malware attack
Lazarus Group embeds malicious code in corrupted PDFs disguised as Samsung job post, experts find
North Korean hackers broke into web servers in South Korea to control malware hidden in malicious PDF files, Google’s Cybersecurity Action Team has disclosed in a new report.
While Google did not attribute the attack to a specific group, a security expert familiar with the incident told NK Pro that similarities in techniques and procedures suggest Lazarus was likely the culprit.
According to the report published last week, the attackers emailed PDF attachments purporting to be a job description for a role at Samsung, and requested that recipients download and install a “Secure PDF