230419ECA1B0EAB084EC9AA9_EBB3B4EC9588EC9DB8ECA69DED9484EBA19CEAB7B_E3ebGg4.pdf (329 KB)

South Korean police attributed a hacking case exploiting financial security-authentication software vulnerabilities to Lazarus, a North Korean Reconnaissance General Bureau-linked group. Investigators said North Korea compromised a well-known domestic financial security-authentication vendor in April 2021, identified software vulnerabilities, and prepared web servers and command-and-control infrastructure over a long period. The campaign also used media-company websites as watering-hole malware distribution points, creating risk of large-scale public impact and prompting urgent software updates and defensive measures.