The Lazarus Group used a Google Chrome zero-day to target employees at American news media and IT companies. The Lazarus Group used phishing emails impersonating recruiters at Disney, Google, and Oracle with fake job opportunities, which included malicious links to spoofed Indeed and ZipRecruiter websites. An exploit kit hidden within the websites fingerprinted the target system and collected available client information.
- Over 250 individuals working for 10 different news media, domain registrars, web hosting providers, and software vendors
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Private sector
- Civil society
Victim government reaction