North Korean state-sponsored advanced persistent threat operations Lazarus Group, Kimsuky, and Andariel were noted by South Korea’s National Police Agency to have targeted several South Korean defense industry entities since late 2022 in a bid to obtain intelligence regarding defense technologies, reports Security Affairs. Vulnerable infrastructure prompted the Lazarus Group to breach a defense organization in November 2022, which resulted in the compromise of at least six internal computers along with the entity’s internal network and sensitive data, while Andariel leveraged account credentials from an employee of a defense contractor’s third-party to distribute malware that facilitated the theft of technical information regarding defense technology, according to an advisory from the National Police Agency.

Source: SC Magazine