Lazarus Group Identified Targeting Nuclear Engineers Using CookiePlus Malware

Published:

spot_img

Lazarus Group’s New Malware "CookiePlus" Targets Nuclear Sector in Sophisticated Cyber Espionage Campaign

Lazarus Group’s New Malware Threatens Nuclear Sectors in Operation Dream Job

In a startling revelation, cybersecurity firm Kaspersky has reported that the notorious Lazarus Group—linked to North Korea—has initiated a fresh wave of cyberattacks targeting employees at a nuclear-related organization. Over January 2024, the group unleashed a sophisticated malware dubbed CookiePlus as part of its ongoing espionage efforts known as Operation Dream Job.

This latest round of attacks is characterized by a "complex infection chain" deployed through tailored job opportunities aimed at enticing personnel in sensitive fields. Kaspersky details that the group’s strategies include sending malicious documents and trojanized application downloads under the guise of skills assessments for reputable aerospace and defense companies.

The methodology of attack primarily leverages trojanized remote access tools, notably a vulnerable version of VNC, camouflaged to appear as legitimate software. After infiltrating the network, the malware empowers the hackers to move laterally across the system, gathering sensitive data and deploying additional harmful payloads while maintaining operational stealth.

Research indicates that the CookiePlus is an evolutionary step, potentially superseding an earlier threat, MISTPEN, due to behavioral similarities. These malicious programs manifest as innocent plugins, such as plugins for Notepad++, making them particularly deceptive.

Kaspersky’s findings come on the heels of alarming trends highlighting North Korea’s rising cybercriminal activities. In 2024 alone, $1.34 billion has been siphoned through various cryptocurrency hacks, indicating a troubling escalation in the nation’s cyber capabilities.

As the stakes in the cyber realm continue to rise, experts underscore the importance of vigilance from organizations in critical sectors to combat such unprecedented threats.

spot_img

Related articles

Recent articles

Dark Web Intelligence Market Set to Surge to US$ 3.07 Billion by 2033, Driven by AI Innovations and North America’s 38% Dominance

Dark Web Intelligence Market Set to Surge to US$ 3.07 Billion by 2033, Driven by AI Innovations and North America's 38% Dominance The Global Dark...

Six New U-Boot Flaws Risk Device Crashes and Unauthorized Code Execution at Boot

Six New U-Boot Flaws Risk Device Crashes and Unauthorized Code Execution at Boot Researchers from the firmware security firm Binarly have identified six critical vulnerabilities...

Ethiopia Strengthens Polio Vaccination Efforts, Reaching Over One Million Children in High-Risk Areas

Ethiopia Strengthens Polio Vaccination Efforts, Reaching Over One Million Children in High-Risk Areas Ethiopia has launched a synchronized polio vaccination campaign in collaboration with South...

Australia’s Inclusion in Anthropic’s Project Glasswing Signals a New Era of AI-Driven Payment Fraud Risks

Australia’s Inclusion in Anthropic's Project Glasswing Signals a New Era of AI-Driven Payment Fraud Risks The rapid evolution of artificial intelligence (AI) is reshaping the...