Lazarus Group Identified Targeting Nuclear Engineers Using CookiePlus Malware

Published:

spot_img

Lazarus Group’s New Malware "CookiePlus" Targets Nuclear Sector in Sophisticated Cyber Espionage Campaign

Lazarus Group’s New Malware Threatens Nuclear Sectors in Operation Dream Job

In a startling revelation, cybersecurity firm Kaspersky has reported that the notorious Lazarus Group—linked to North Korea—has initiated a fresh wave of cyberattacks targeting employees at a nuclear-related organization. Over January 2024, the group unleashed a sophisticated malware dubbed CookiePlus as part of its ongoing espionage efforts known as Operation Dream Job.

This latest round of attacks is characterized by a "complex infection chain" deployed through tailored job opportunities aimed at enticing personnel in sensitive fields. Kaspersky details that the group’s strategies include sending malicious documents and trojanized application downloads under the guise of skills assessments for reputable aerospace and defense companies.

The methodology of attack primarily leverages trojanized remote access tools, notably a vulnerable version of VNC, camouflaged to appear as legitimate software. After infiltrating the network, the malware empowers the hackers to move laterally across the system, gathering sensitive data and deploying additional harmful payloads while maintaining operational stealth.

Research indicates that the CookiePlus is an evolutionary step, potentially superseding an earlier threat, MISTPEN, due to behavioral similarities. These malicious programs manifest as innocent plugins, such as plugins for Notepad++, making them particularly deceptive.

Kaspersky’s findings come on the heels of alarming trends highlighting North Korea’s rising cybercriminal activities. In 2024 alone, $1.34 billion has been siphoned through various cryptocurrency hacks, indicating a troubling escalation in the nation’s cyber capabilities.

As the stakes in the cyber realm continue to rise, experts underscore the importance of vigilance from organizations in critical sectors to combat such unprecedented threats.

spot_img

Related articles

Recent articles

ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware, and 14 Additional Security Breaches

ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware, and 14 Additional Security Breaches In the ever-evolving landscape of cybersecurity, recent developments highlight a troubling...

Alleged Scattered Spider Member Extradited to U.S. After Arrest in Finland for Cybercrime Charges

Alleged Scattered Spider Member Extradited to U.S. After Arrest in Finland for Cybercrime Charges An alleged member of the Scattered Spider cybercrime group has been...

Identity Security Strengthens OT Resilience Against Emerging Cyber Threats

Identity Security Strengthens OT Resilience Against Emerging Cyber Threats In an era where cyber threats are increasingly sophisticated, identity security has emerged as a critical...

UAE’s Khalifa Fund Launches National Program to Strengthen Cybersecurity Startups

UAE's Khalifa Fund Launches National Program to Strengthen Cybersecurity Startups The Khalifa Fund for Enterprise Development (KFED) has unveiled a specialized national initiative aimed at...