Lazarus Group returns with major spearphishing campaign
March 04, 2019 / Michael Moore
North Korean hacking outfit Lazarus Group is targeting users around the world with a major new spearphishing campaign. Security firm McAfee says it has found evidence linking Lazarus to the huge Operation Sharpshooter attack first detected last December which uses sophisticated spearphishing emails disguised as job recruitment messages. The attacks, which McAfee says are still ongoing today, have targeted the likes of defense, government, energy and critical infrastructure organisations across the world, uses "extremely convincing" job recruitment emails to gain access to systems. McAfee says that Operation Sharpshooter may have been in operation since September 2017, but this is the first time it could attributed to Lazarus thanks to new technical information. Back in December, the company said it looked like the hackers weren't making any concrete moves, but instead, are focused on data gathering, getting as much information about their target systems as they can.