- May 4, 2019
- 801
An unnamed engineering company with energy and military customers was recently the target of a North Korean hacking group that has been operating since at least 2009, researchers said Wednesday.
The Threat Hunter Team at Symantec said the attackers breached the organization in February, probably by using the Log4j vulnerability “on a public-facing VMware View server.” Symantec is attributing the activity to Stonefly, which is also known as DarkSeoul, Operation Troy, Silent Chollima and BlackMine.
Long-running North Korean operation hacked into engineering firm, Symantec says
The intrusion is the latest by a group known as Stonefly, which appears to have tightened its focus on high-value industrial information.
therecord.media