Hackers with NoKor Ties Hit South Korean Think Tank with Zero-Day Flaw
North Korean hackers reportedly attacked South Korea’s Sejong Institute, using an ActiveX zero-day vulnerability to deliver backdoor malware to the systems of the non-profit think tank.
The flaw was discovered in May on one of the think tank’s websites by AhnLab, a South Korean cybersecurity company. Researchers say that the attack was carried out by the Andariel Group, an offshoot of Lazarus, which is known to have ties with North Korea.
The malware was said to have been used to compromise a Taiwanese bank’s SWIFT financial communications system to move funds from overseas accounts.