The Lazarus Group used a Google Chrome zero-day to target employees at American news media and IT companies. The Lazarus Group used phishing emails impersonating recruiters at Disney, Google, and Oracle with fake job opportunities, which included malicious links to spoofed Indeed and ZipRecruiter websites. An exploit kit hidden within the websites fingerprinted the target system and collected available client information. <\/p>\n","protected":false},"excerpt":{"rendered":"
The Lazarus Group used a Google Chrome zero-day to target employees at American news media and IT companies. The Lazarus Group used phishing emails impersonating recruiters at Disney, Google, and Oracle with fake job opportunities, which included malicious links to spoofed Indeed and ZipRecruiter websites. An exploit kit hidden within the websites fingerprinted the target […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_cloudinary_featured_overwrite":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[2],"tags":[],"cyber_operation":[49],"state_sponsor":[91],"victim_category":[32,138],"victim_government_response":[186],"victim":[182],"class_list":["post-10642","post","type-post","status-publish","format-standard","hentry","category-incident","cyber_operation-espionage","state_sponsor-korea-democratic-peoples-republic-of","victim_category-civil-society","victim_category-private-sector","victim_government_response-unknown","victim-united-states"],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/comments?post=10642"}],"version-history":[{"count":0,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10642\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/media?parent=10642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/categories?post=10642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/tags?post=10642"},{"taxonomy":"cyber_operation","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/cyber_operation?post=10642"},{"taxonomy":"state_sponsor","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/state_sponsor?post=10642"},{"taxonomy":"victim_category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_category?post=10642"},{"taxonomy":"victim_government_response","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_government_response?post=10642"},{"taxonomy":"victim","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim?post=10642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}