Contact Contact Us

Lazarus Using New Malware in Recent Campaigns FINANCE INDUSTRY

North Korean state-sponsored group, Lazarus (aka Hidden Cobra), has been planting a new backdoor dubbed HOPLIGHT to maintain persistence in compromised systems. When installed, the powerful backdoor can collect system information, receive commands from its C&C via a built-in proxy application, execute commands remotely as well as upload and download files. The malware is used against multiple industries worldwide including critical infrastructure for espionage purposes. Lazarus also continues to target banks and cryptocurrency exchanges and has recently set up a hacking cell in Nepal to conduct funds stealing activities.

References:
[1] MAR-10135536-8 – North Korean Trojan: HOPLIGHT
[2] North Koreans Operate cyber Espionage from Kathmandu’s Residential Area

Ensign InfoSecurity Singapore
30A Kallang Place
#08-01
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883