DPRK hackers use South Korean servers and Google Drive to hide malware attack
Lazarus Group embeds malicious code in corrupted PDFs disguised as Samsung job post, experts find
North Korean hackers broke into web servers in South Korea to control malware hidden in malicious PDF files, Google’s Cybersecurity Action Team has disclosed in a new report.
While Google did not attribute the attack to a specific group, a security expert familiar with the incident told NK Pro that similarities in techniques and procedures suggest Lazarus was likely the culprit.
According to the report published last week, the attackers emailed PDF attachments purporting to be a job description for a role at Samsung, and requested that recipients download and install a “Secure PDF