This blog was authored by Ankur Saini and Hossein Jazi.

Lazarus Group is one of the most sophisticated North Korean APTs that has been active since 2009. The group is responsible for many high profile attacks in the past and has gained worldwide attention. The Malwarebytes Threat Intelligence team is actively monitoring its activities and was able to spot a new campaign on Jan 18th 2022. In this campaign, Lazarus conducted spear phishing attacks weaponized with malicious documents that use their known job opportunities theme. We identified two decoy documents masquerading as American global security and aerospace giant Lockheed Martin. In this blog post, we provide technical analysis of this latest attack including a clever use of Windows Update to execute the malicious payload and GitHub as a command and control server. We have reported the rogue GitHub account for harmful content.