Here's how North Korea's Lazarus hackers use LinkedIn to reach targets and Office macros to compromise hosts.
The Lazarus hacking group is one of the top cybersecurity threats from North Korea, recently catching the attention of the US government for massive cryptocurrency heists.
Now researchers at NCCGroup have pieced together a few of the tools and techniques Lazarus hackers have been using recently, including social engineering on LinkedIn, messaging US defense contractor targets on WhatsApp, and installing the malicious downloader LCPDot.
NCCGroup's findings build on what's already known about Lazarus hackers. The group, and its sub groups, are known to have used LinkedIn for tricking targets into installing malicious files such as Word documents with hidden macros.
