The North Korean threat actor Lazarus Group targeted South Korean users of WIZVERA VeraPort software, commonly used by South Korean banking and government websites, by compromising websites with VeraPort support. Using stolen security certificates, hackers installed malware onto victims’ devices when they visited the compromised websites.
- South Korean visitors to government and banking websites
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Private sector
Victim government reaction