Energy providers hit by North Korea-linked Lazarus exploiting Log4j VMware vulnerabilities

Research by Cisco Talos has found that North Korean state-sponsored hacker group, Lazarus Group, has been targeting energy providers in the U.S., Canada, and Japan since February. The group exploits vulnerabilities in VMware Horizon to gain access to networks and steal data and trade secrets. They employ custom malware to stay within infected networks and recently have shifted their focus towards blockchain and cryptocurrency organizations.