Vyveva: Lazarus hacking group’s latest weapon strikes South African freight

Researchers have discovered a new backdoor employed by the Lazarus hacking group in targeted attacks against the freight industry.

On Thursday, ESET said the new backdoor malware, dubbed Vyveva, was traced in an attack against a South African freight and logistics firm.

While the initial attack vector for deploying the malware is not yet known, examining machines infected with the malware revealed strong links to the Lazarus group.

Lazarus is an advanced persistent threat (APT) group of North Korean origin. The state-sponsored cyberattackers are prolific and are deemed responsible for the global WannaCry ransomware outbreak; $80 million Bangladeshi bank heist; attacks against South Korean supply chains, cryptocurrency theft, the 2014 Sony hack, and various other assaults against US organizations.

Read more…
Source: ZDNet