Date of report
- April 2022
Affiliations
North Korean threat actor Lazarus Group targeted a specialized engineering company to steal sensitive intellectual property. The hackers breached the organization’s network by exploiting the Log4j vulnerability, moving laterally to compromise eighteen other computers. The hackers installed a backdoor to steal credentials and exfiltrate sensitive data.
Suspected victims
- Specialized engineering companies with customers in the military and energy sectors
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Financial Theft
Target category
- Private sector
Victim government reaction
- Unknown