"Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps"

The North Korea-leaked Lazarus Group, also known as Hidden Cobra or TEMP.Hermit, has been observed using trojanized Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers in the ongoing Operation Dream Job campaign. The campaign involves tricking job seekers on social media into downloading malicious apps for fake job interviews. These backdoored apps operate discretely to avoid detection by behavior-based security solutions, activating only when the user selects a server from the drop-down menu of the trojanized VNC client. Once launched, the counterfeit app retrieves additional payloads, including a known Lazarus Group malware called LPEClient, equipped with profiling capabilities for compromised hosts. This article continues to discuss the Lazarus Group using trojanized versions of VNC apps as part of the Operation Dream Job campaign.

THN reports "Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps"

Submitted by grigby1
 

Submitted by Gregory Rigby on