North Korea's Lazarus hacking group targets US defence contractors
Hackers from the North Korean-linked Lazarus Group have reportedly targeted US defence contractors as tensions between the US and North Korea increase.
Researchers at Palo Alto Networks said that it is 'clear' that the Lazarus Group, which also hacked Sony in 2014, is behind the attacks; tools, techniques and procedures are shared between both operations.
"This re-use of macro source code, XOR keys used within the macro to decode implant payloads, and the functional overlap in the payloads the macros write to disk demonstrates the continued use of this tool set by this threat group," Palo Alto says in its blog post.