The Lazarus Group, a well-known North Korean threat actor, has been targeting employees of a nuclear-related organization with malware called CookiePlus as part of the Operation Dream Job campaign. Using complex infection chains, the attackers distributed trojanized remote access tools, leading to the deployment of various malware on the targeted systems. The malware includes CookieTime, ServiceChanger, and Charamel Loader, each with specific functionalities to aid in data exfiltration and system compromise. These attacks are part of an ongoing effort that has seen significant cryptocurrency theft attributed to North Korea-affiliated hackers.

From thehackernews.com