Lazarus Group is using Windows Update to spread a malicious program in a campaign enabled by a GitHub command-and-control (C2) server, researchers have found.
On Thursday, the Malwarebytes Threat Intelligence team reported that it found the North Korean state advanced persistent threat (APT) group's activity while analyzing a sensitive identity theft campaign that its researchers discovered 10 days earlier, on Jan. 18.
The focus of the campaign, in which the APT impersonated US international security and aerospace giant Lockheed Martin, is in line with Lazarus' willingness to go after the military. According to Thursday's Malwarebytes report, the Jan. 18 identity theft campaign was armed with malicious text that attempted to entice targets to click through, using the same "job opportunity" bait the group had previously dangled.