North Korean hackers use open-source tools to attack internet and health sectors
Use of tools like DeimosC2 in initial attack represents shift in DPRK cybercriminals’ approach, security firm says
North Korea’s Lazarus Group has deployed new forms of malware in its ongoing campaigns against internet infrastructure and the healthcare sector, utilizing a newer approach that relies more on open-source tools to launch attacks, according to a U.S. cybersecurity firm.
The group targeted internet backbone infrastructure and healthcare entities in Europe and the U.S. through its new “QuiteRAT” malware, exploiting a vulnerability in remote management software ManageEngine ServiceDesk, Cisco Talos said in a report Thursday.
The report did not specify the organizations targeted, but the focus on these sectors is consistent with
- 01Why interoperability remains a hurdle for trilateral cooperation on North Korea
- 02North Korea confirms long-time weapons official leading top missile bureau
- 03RECAP: Everything we know about Kim Jong Un’s grand odyssey in Russian Far East
- 04What the North Korean Red Guards’ new toys reveal about military modernization
- 05State media review: North Koreans ‘pine for’ Kim Jong Un as he travels abroad
- 06Bending the rules: How Russia could justify helping North Korea’s space program
- 07At cosmodrome, Kim Jong Un and Putin set stage for greater confrontation with US
- 08North Korea and the other 9/11: How the DPRK remembers Chile’s military coup