Lazarus Group misuses South Korean legitimate software

The hackers (Lazarus Group) took advantage of the requirement that Internet users in South Korea must install certain security solutions.

Cybersecurity scientists have reported another malware crusade focusing on South Korea’s gracefully chain. Crooks misuse real security programming and take computerized authentications to convey far off access apparatuses to focused systems.

According to experts from ESET, the operations are the work of the Lazarus Group (also known as the Hidden Cobra). The attackers took advantage of the mandatory requirement that. internet users in South Korea must install additional security solutions in order to use Internet banking and government services.

FURTHERMORE,

The attacks use the Wizvera VeraPort software, which is designed to integrate and manage installation. Programs related to Internet banking, such as digital certificates issued by banks to individuals and legal entities to protect all transactions and payments.

In addition to using security software installation techniques to distribute malware from a legitimate. But compromise website, the attackers also use illegally obtaine code signing certificates to sign malware samples. One of which was issued by the American branch of the South Korean security company Dream Security Korea.

“The attackers disguised the Lazarus malware samples as legitimate software. The malware also has the same file names, icons and resources as the South Korean software, ”the experts noted.

The binary file is download by the malware installer, it extracts two more components. One of which is injected into the Windows process (“svchost.exe”). The final stage payload acts as a RAT and is equip with commands that allow the malware. To perform operations on the victim’s filesystem, as well as load and run auxiliary tools from the attacker’s arsenal.

Henceforth, WE WISH TO ANNOUNCE THAT OUR SERVICES ARE NOT AVAILABLE TO PEOPLE FROM NIGERIA AND INDIA. THESE ARE USELESS TIME WASTERS AND THIEVES TRYING TO BEG OR SCAM US OF OUR PRODUCTS. OUR SERVICES ARE NOT FREE AND PAYMENT IS UPFRONT

A LOT OF FOOLS FROM NIGERIA AND INDIA. on the off chance that YOU DON’T TRUST TO USE OUR SERVICES, DON’T CONTACT US AS WE HAVE NO FREE SERVICE

CONTACT US FOR PURCHASE/INQUIRIES, WE RESPOND ALMOST INSTANTLY :

EMAIL: hovatools@gmail.com

ICQ: hovatools  CLICK HERE

TELEGRAM: @hovatool  CLICK HERE

HI BUYERS, WE ARE A PROFESSIONAL CARDING AND HACKING TEAM. DUMPSBUY HAS BEEN AROUND SINCE THE TIME OF EVO MARKET, ALPHABAY, WALLSTREET MARKET AND MORE. WE REMAIN STRONG AND RELIABLE IN THE INDUSTRY, ALWAYS PROVIDING YOU WITH THE BEST QUALITY TOOLS TO HELP YOU MAKE MONEY AND MAXIMIZE PROFIT IN THE FRAUD GAME.

TO GET STARTED, YOU CAN VISIT OUR ONLINE SHOP/STORE TO BUY EVERYTHING YOU NEED TO START CASHING OUT.  AT THE SHOP YOU GET Accounts & Bank Drops CVV & CARDS DUMPS PERSONAL INFORMATION & SCAN.

BANK HACKING SOFTWARE – WIRE/ACH DARKWEB MONEY TRANSFER HACKERS

Buy Fresh Credit Cards for Carding, BIN LIST Buy Bank Login, RDP, Buy Hacked Paypal accounts. Contact us to buy all tools and carding software. CLICK HERE TO VISIT OUR SHOP
Buy Socks 5, Enail Leads, Buy Latest CC to Bitcoin Cashout Guide, Buy Hacked Zelle transfer , Western Union Money Transfer Hack, Buy Hacked Money Transfer service to your bank account.
Enroll for Paid private Carding Class.


Leave a Reply