North Korean hackers hit Microsoft servers with ‘reconnaissance’ malware: Report
Cybersecurity firm says Lazarus Group targeted ‘poorly managed’ devices in possible effort to steal system credentials
North Korean hackers targeted vulnerable Microsoft web infrastructure with malicious software using a similar technique attackers used to gain access to cryptocurrency firms, a South Korean security firm says in a new report.
AhnLab Security Emergency Response Center (ASEC) states that the attack targeted Microsoft Internet Information Services (IIS) servers and relied on a technique known as Dynamic Link Library (DLL) side-loading, involving the transfer of shared Microsoft libraries.
According to the report, the Lazarus Group attackers infiltrated the network by placing “a malicious DLL (msvcr100.dll) in the same folder path as a normal
- 01Timeline: From North Korean satellite launch to Yoon-Kishida summit in Seoul
- 02State media review: North Korea says ‘no reason’ it can’t meet with Japan
- 03North Korea primed for quick rebound after satellite launch failure: Analysis
- 04What to make of conflicting signs about a North Korean border reopening
- 05North Korea hacked an election body. But political interference wasn’t the goal.
- 06Secrecy surrounding North Korea’s upcoming plenum points to big changes afoot
- 07State media review: North Korea provides a front-row seat to anti-Yoon protests
- 08By linking radars, ROK and Japan reduce blind spots around North Korean missiles
- 09Poker face: North Korea tries new strategy in crackdown on ‘bluffing’ and lying
- 10State media review: ‘Little Boy’ spooks North Korea ahead of warm weather season