Windows 0-Day Was Exploited By North Korea To Install Advanced Rootkit (arstechnica.com)
North Korean hackers exploited a critical Windows vulnerability to deploy advanced malware, security researchers revealed. The zero-day flaw, patched by Microsoft last week, allowed attackers to gain system-level access and install a sophisticated rootkit called FudModule. Gen, the firm that discovered the attacks, identified the threat actors as Lazarus, a hacking group linked to North Korea. The exploit targeted individuals in the cryptocurrency and aerospace industries, likely aiming to steal digital assets and infiltrate corporate networks. FudModule, first analyzed in 2022, stands out for its ability to operate deep within Windows, evading detection by security defenses. Earlier versions used vulnerable drivers for installation, while a newer variant exploited a bug in Windows' AppLocker service.
Re:"linked to North Korea" (Score:5, Informative)
Everyone knows North Korea doesn't know how to hack and barely has computers.
Not sure, maybe this was intended to be sarcastic? The truth is the opposite; North Korea has almost no sources of income except hacking, and so this is supported at the highest level of government.
It's obviously some country, likely their neighbors China or Russia, that VPNs through North Korea to avoid blame.
The opposite; to get outside of North Korea you have to use a VPN which spoofs you to be in a different country, since North Korea is heavily embargoed.
Re: (Score:2)
I don't think you are on the money here, Jerry. It's not as if this activity is tremendously demanding of resources, and it is de facto revenue positive. Invoking China and Russia as enablers is the literal definition of a straw man argument. All NK needs is internet access and a potato to connect to a bigger system; they have remote systems in the US and other western countries to use as bastions, and they will send people out of country as needed to keep these enterprises operating.
Re: (Score:2)
Well played.
Thanks, Microsoft (Score:3, Funny)
Microsoft (Score:2)
The hits just keep on coming.
What's the point of having spies who don't spy? (Score:2)
In the West they can sell a lot of Aston Martins, but that's not so much of an advantage in the People's Democratic Republic of Korea.