North Korea's APT Lazarus Group Targets Microsoft IIS Servers

Researchers from on lab that's a hn lab security emergency response center have reported that the lazarus apt group is targeting Versions of microsoft IIS servers in a recent wave of malware based attacks. The attackers leverage a dll side loading technique to execute a malicious dll MSV cr 100 dot dll that they have placed in the same folder path as a normal application like word conv Exe then the library is executed via the windows IIS web server process. Researchers note a similarity between this dll technique and another are previously used by the lazarus actors.

Play episode from 40:58

Transcript

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app