North Korean hackers use new method to dodge security programs
Cybersecurity firm outlines Lazarus-attributed phishing attempt in recent report
Hackers linked to North Korea deployed a new means of extracting malware by hiding it inside a legitimate-looking command to convert a PNG image into a BMP image, according to a new report from security company Malwarebytes.
Based on similarities to previous code and tactics, researchers at Malwarebytes attributed the phishing attack to the North Korea-linked Lazarus Group, which used a Korean-language Microsoft Office Word document carrying a malicious macro.
“This is the first time I saw Lazarus using this technique,” said Hossein Jazi, a threat intelligence researcher at Malwarebytes and the report’s