• Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions
Flyy Tech
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
Flyy Tech
No Result
View All Result

North Korean Lazarus Hackers Targeting Energy Providers Around the World

flyytech by flyytech
September 8, 2022
Home Security
Share on FacebookShare on Twitter


North Korean Lazarus Hackers

A malicious campaign mounted by the North Korea-linked Lazarus Group targeted energy providers around the world, including those based in the United States, Canada, and Japan, between February and July 2022.

“The campaign is meant to infiltrate organizations around the world for establishing long-term access and subsequently exfiltrating data of interest to the adversary’s nation-state,” Cisco Talos said in a report shared with The Hacker News.

Some elements of the espionage attacks have already entered public domain, courtesy of prior reports from Broadcom-owned Symantec and AhnLab earlier this April and May. Symantec attributed the operation to a group referred to as Stonefly, a Lazarus subgroup which is better known as Andariel, Guardian of Peace, OperationTroy, and Silent Chollima.

CyberSecurity

While these attacks previously led to the instrumentation of Preft (aka Dtrack) and NukeSped (aka Manuscrypt) implants, the latest attack wave is notable for employing two other pieces of malware: VSingle, an HTTP bot which executes arbitrary code from a remote network, and a Golang backdoor called YamaBot.

Also put to use in the campaign is a new remote access trojan called MagicRAT that comes with capabilities to evade detection and launch additional payloads on the infected systems.

“Although the same tactics have been applied in both attacks, the resulting malware implants deployed have been distinct from one another, indicating the wide variety of implants available at the disposal of Lazarus,” researchers Jung soo An, Asheer Malhotra, and Vitor Ventura said.

CyberSecurity

Initial access into enterprise networks is facilitated by means of exploitation of vulnerabilities in VMware products (e.g., Log4Shell) with the ultimate goal of establishing persistent access to perform activities in support of North Korean government objectives.

The use of VSingle in one attack chain is said to have enabled the threat actor to carry out a variety of activities such as reconnaissance, exfiltration, and manual backdooring, giving the operators a solid understanding of the victim environment.

Other tactics embraced by the group besides the use of bespoke malware include credential harvesting via tools like Mimikatz and Procdump, disabling antivirus components, and reconnaissance of the Active Directory services, and even taking steps to cleanup their traces after activating the backdoors on the endpoint.





Source_link

flyytech

flyytech

Next Post
Warning issued about Vice Society ransomware gang

Warning issued about Vice Society ransomware gang

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

How Sega Localizes The Yakuza Games With Authenticity And Humor

How Sega Localizes The Yakuza Games With Authenticity And Humor

March 26, 2023
Apple’s Far Out event keynote: A minute-by-minute preview of every announcement

Apple’s Far Out event keynote: A minute-by-minute preview of every announcement

September 6, 2022

Trending.

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

October 23, 2022
Shop now. Pay later. on the App Store

Shop now. Pay later. on the App Store

February 25, 2023
How To Install Tiny11 for Arm64 on Raspberry Pi 4

How To Install Tiny11 for Arm64 on Raspberry Pi 4

February 19, 2023
Thermalright Peerless Assassin 120 SE Review: Incredible, Affordable Air Cooling Performance

Thermalright Peerless Assassin 120 SE Review: Incredible, Affordable Air Cooling Performance

September 27, 2022
Lian Li Galahad II Trinity Performance 240 AIO Review: Raising the Bar

Lian Li Galahad II Trinity Performance 240 AIO Review: Raising the Bar

September 19, 2023

Flyy Tech

Welcome to Flyy Tech The goal of Flyy Tech is to give you the absolute best news sources for any topic! Our topics are carefully curated and constantly updated as we know the web moves fast so we try to as well.

Follow Us

Categories

  • Apple
  • Applications
  • Audio
  • Camera
  • Computers
  • Cooking
  • Entertainment
  • Fitness
  • Gaming
  • Laptop
  • lifestyle
  • Literature
  • Microsoft
  • Music
  • Podcasts
  • Review
  • Security
  • Smartphone
  • Travel
  • Uncategorized
  • Vlogs

Site Links

  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions

Recent News

Sergiy Galyonkin, SteamSpy creator who helped launched the Epic Games Store, has left the Fortnite maker after eight years

Sergiy Galyonkin, SteamSpy creator who helped launched the Epic Games Store, has left the Fortnite maker after eight years

October 3, 2023
Are your personal details on the Dark Web ?

Are your personal details on the Dark Web ?

October 3, 2023

Copyright © 2022 Flyytech.com | All Rights Reserved.

No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs

Copyright © 2022 Flyytech.com | All Rights Reserved.

What Are Cookies
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT