Eastern European energy and defense firms targeted with MATA backdoor

Oil, gas and defense firms in Eastern Europe have been targeted by an updated version of the MATA backdoor framework, which was originally associated with the North Korean hacking group, Lazarus. Despite no direct link, Kaspersky, the cybersecurity firm that located the campaign, noted that most malicious documents created contained a Korean font. The attacks consisted of phishing emails, encouraging targets to download malware exploiting an Internet Explorer vulnerability previously used by Lazarus.