Lazarus hacking group now hides payloads in BMP image files


The Lazarus group has tweaked its loader obfuscation techniques by abusing image files in a recent phishing campaign.

Lazarus is a state-sponsored advanced persistent threat (APT) group from North Korea.

Known as one of the most prolific and sophisticated APTs out there, Lazarus has been in operation for over a decade and is considered responsible for worldwide attacks including the WannaCry ransomware outbreak, bank thefts, and assaults against cryptocurrency exchanges.

Source: ZDNet