Lazarus – Hack/Phishing Campaign

Lazarus is a state-sponsored advanced persistent threat (APT) group from North Korea. In a recent phishing campaign in early April, the group tweaked its loader obfuscation techniques by abusing image files, using an interesting technique designed to obfuscate payloads in image files. The lure is an email carrying an MS Office document: intended victims are asked to enable macros in order to view the file's content, which in turn triggers a malicious payload. #security #phishing #hacking #excel #office #Lazarus
