North Korean hackers hit Microsoft servers with ‘reconnaissance’ malware: Report

News

North Korean hackers hit Microsoft servers with ‘reconnaissance’ malware: Report

Cybersecurity firm says Lazarus Group targeted ‘poorly managed’ devices in possible effort to steal system credentials

Anton SokolinMay 26, 2023

North Korean hackers hit Microsoft servers with ‘reconnaissance’ malware: Report

Illustration of the DPRK flag behind lines of code

North Korean hackers targeted vulnerable Microsoft web infrastructure with malicious software using a similar technique attackers used to gain access to cryptocurrency firms, a South Korean security firm says in a new report.

AhnLab Security Emergency Response Center (ASEC) states that the attack targeted Microsoft Internet Information Services (IIS) servers and relied on a technique known as Dynamic Link Library (DLL) side-loading, involving the transfer of shared Microsoft libraries.

According to the report, the Lazarus Group attackers infiltrated the network by placing “a malicious DLL (msvcr100.dll) in the same folder path as a normal

01State media review: Kim Jong Un’s leadership cult dims the Day of the Sun
02Why North Korea could draw inspiration from Iran’s suicide drone attack
03After the Panel: Weighing the best alternatives to monitor North Korea sanctions
04State media review: North Korea begins celebrations for dead leader’s birthday
05How to interpret North Korea’s abrupt about-face on diplomacy with Japan
06What 30K North Korean patents reveal about state efforts to foster innovation
07North Korea’s silence on Trump speaks volumes about its view of the US election
08JucheGPT: How North Korea can weaponize AI to sway elections and sow discord

North Korean hackers hit Microsoft servers with ‘reconnaissance’ malware: Report

LATEST ANALYSIS

Similar Articles

About the Author

Anton Sokolin