North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies

The Lazarus hacking group, sponsored by North Korea, has been linked to a major cyber-espionage campaign targeting energy providers in the US, Canada and Japan this year. The group exploited the vulnerability in Log4j, known as Log4Shell, to gain access to internet-exposed VMware Horizon servers, then deployed the VSingle and YamaBot malware to establish long-term network access. This adds to the group's recent activities, which include thefts of over $700 million in cryptocurrencies and the targeting of blockchain and cryptocurrency organizations.