North Korea’s Lazarus brings state-sponsored hacking approach to ransomware

by Dan Goodin, from Ars Technica - All content (#569GD)
Lazarus (the North Korean state hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank, and the attacks on Sony Pictures) is looking to expand into the ransomware craze, according to researchers from Kaspersky Lab.

Like many of Lazarus' early entries, the VHD ransomware is crude. It took the malware 10 hours to fully infect one target's network. It also uses some unorthodox cryptographic practices that aren't "semantically secure," because patterns of the original files remain after they're encrypted. The malware also appears to have taken hold of one victim through a chance infection of its virtual private network.

In short, VHD is no Ryuk or WastedLocker. Both are known as "big game hunters" because they target networks belonging to organizations with deep pockets and, after gaining entry, strike only after doing days or weeks of painstaking surveillance.
