- The Lazarus Group, the hacking group linked to North Korea that is believed to have been involved in the spread of the WannaCry ransomware attack last year, is back with a new campaign targeting financial institutions and bitcoin users.
- The new campaign, dubbed HaoBao by security researchers at McAfee, sees a return to form for the group with a targeted phishing campaign that pretends to be from a Hong Kong-based recruitment firm.
- Attached to the emails is a Dropbox link that contains a malicious file which when clicked on installs malware that is able to scan a victim’s computer for cryptocurrency wallets and then establish a secondary implant for long-term data gathering.
- While the form of attack may seem nothing new, the researchers note that the two-stage attack malware is something new.
Duncan Riley / SiliconANGLE - 2 years ago