Lazarus Hackers Target Dell Drivers With New Rootkit

The North Korea-backed Lazarus Group does not seem to target only blockchain developers and artists with fake job offers. It is now also targeting aerospace experts and political journalists in Europe. Notably, it uses the same form of social engineering attack, with the same goal of corporate espionage and data exfiltration from business devices. The group has been observed deploying a Windows rootkit by taking advantage of an exploit in Dell drivers. What makes this campaign unique is that the targets were infected with legitimate drivers.

Hackers Are Exploiting Dell Drivers’ Vulnerability

Recently, cybersecurity researchers from ESET observed Lazarus Group, a known North Korean state-sponsored threat actor, approaching individuals with fake job offers from Amazon. Those who accepted the offer and downloaded the fake job description PDF files had an old, vulnerable Dell driver installed. This opened the door for the threat actors to compromise the endpoints and exfiltrate whatever data they were looking for. ESET said that:


Laiba Mohsin

Laiba is an Electrical Engineer seeking a placement to gain hands-on experience in relevant areas of telecommunications. She likes to write about tech and gadgets. She loves shopping, traveling and exploring things.
