Lazarus APT Group Carries Out Attacks Against Defense Sector

The Bundesamt fr Verfassungsschutz (BfV) of Germany and the National Intelligence Service (NIS) of South Korea issued a Joint Cyber Security Advisory regarding cyber campaigns conducted by North Korean cyber actors targeting the defense sector. The Lazarus APT group executed supply-chain and phishing attacks employing open-source tools like curl Ngrok and tcpdump. A web shell was deployed for network access and stolen information from repositories was obfuscated and sent to command and control servers.