Energy providers hit by North Korea-linked Lazarus exploiting Log4j VMware vulnerabilities

North Korea’s Lazarus Group has been attacking energy providers in the US, Canada, and Japan since February, according to Cisco Talos. The group used malware to access and steal data from enterprise networks, targeting critical infrastructure for espionage purposes. Using custom-made malware, including a previously unknown remote access trojan, Lazarus seeks long-term access into networks to support North Korean government objectives.