Lazarus Hackers Exploiting Log4j Vulnerabilities to Target U.S. Energy Companies

North Korea’s APT38 group, also known as Lazarus, is targeting energy firms in the US, Japan and Canada. Best known for orchestrating the largest cryptocurrency theft in history earlier this year, Lazarus is exploiting Log4j vulnerabilities, which are widely present in VMware Horizon installations, to gain access. Once in, Lazarus deploys malware strains exclusive to its operations. Cisco Talos believes the hackers are establishing long-term access to these networks for the North Korean government.