South Korean police say Lazarus prepared for the attack by studying security software used by local institutions.

The post S. Korea Successfully Foils Cyber Attack by US-Sanctioned Lazarus Group: Report appeared first on Tokenist.
Lazarus Attacked Over 200 Computers Belonging to 61 S. Korean Institutions
Lazarus, one of the most prominent crypto cybercrime groups based in North Korea, launched cyber attacks on hundreds of computers belonging to 61 institutions in South Korea in 2022, according to Yonhap News, citing a police report. The National Police Agency (NPA) said that since June 2022, Lazarus has hacked 207 computers belonging to these institutions, including eight media companies.
The computers were compromised through a “watering hole” attack that targeted security software installed on them. According to the NPA, to prepare for the hack, Lazarus first attacked a South Korean firm that distributes security software typically used for installing security plug-ins for online banking and financial services. This software is estimated to be installed on more than 10 million computers in South Korea.
The NPA also said that Lazarus had a predetermined plan in 2021 to infiltrate INISAFE – the firm that develops security software. The well-known hacking group reportedly studied the software’s flaws in recent years to build malware, but the police managed to spot the group’s activity on South Korean networks and cooperated with other agencies to preemptively block Lazarus’s further access. The NPA said that the attempts caused no actual damage.
What is the Lazarus Group?
The Lazarus Group is likely run by members of the North Korean government.