DPRK hackers use South Korean servers and Google Drive to hide malware attack



News DPRK hackers use South Korean servers and Google Drive to hide malware attack Lazarus Group embeds malicious code in corrupted PDFs disguised as Samsung job post, experts find Nils Weisensee November 29, 2021 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON NK News \| North Korean hackers asked targets to install malicious software stored on Google Drive, according to Google’s Cybersecurity Action Team North Korean hackers broke into web servers in South Korea to control malware hidden in malicious PDF files, Google’s Cybersecurity Action Team has disclosed in a new report. While Google did not attribute the attack to a specific group, a security expert familiar with the incident told NK Pro that similarities in techniques and procedures suggest Lazarus was likely the culprit. According to the report published last week, the attackers emailed PDF attachments purporting to be a job description for a role at Samsung, and requested that recipients download and install a “Secure PDF Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01How long-range strikes on Russia could impact North Korean troop deployments 02How North Korean hackers and IT workers collude to cause chaos 03What pro-Trump think tanks reveal about his likely North Korea policy priorities 04Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump. 05All the question marks hanging over Trump’s approach to North Korea in term two 06Time almost up for North Korea’s plan to launch 3 military satellites in 2024 07Trump return rekindles prospects of North Korea talks, but Russia stands in way 08How China could benefit from North Korea’s troop deployment to Ukraine

News

DPRK hackers use South Korean servers and Google Drive to hide malware attack

Lazarus Group embeds malicious code in corrupted PDFs disguised as Samsung job post, experts find

Nils Weisensee November 29, 2021

DPRK hackers use South Korean servers and Google Drive to hide malware attack

NK News | North Korean hackers asked targets to install malicious software stored on Google Drive, according to Google’s Cybersecurity Action Team

North Korean hackers broke into web servers in South Korea to control malware hidden in malicious PDF files, Google’s Cybersecurity Action Team has disclosed in a new report.

While Google did not attribute the attack to a specific group, a security expert familiar with the incident told NK Pro that similarities in techniques and procedures suggest Lazarus was likely the culprit.

According to the report published last week, the attackers emailed PDF attachments purporting to be a job description for a role at Samsung, and requested that recipients download and install a “Secure PDF

01How long-range strikes on Russia could impact North Korean troop deployments
02How North Korean hackers and IT workers collude to cause chaos
03What pro-Trump think tanks reveal about his likely North Korea policy priorities
04Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump.
05All the question marks hanging over Trump’s approach to North Korea in term two
06Time almost up for North Korea’s plan to launch 3 military satellites in 2024
07Trump return rekindles prospects of North Korea talks, but Russia stands in way
08How China could benefit from North Korea’s troop deployment to Ukraine

DPRK hackers use South Korean servers and Google Drive to hide malware attack

LATEST ANALYSIS

Similar Articles

About the Author

Nils Weisensee