Targeting of specialized engineering companies
Date of report
  • April 2022
North Korean threat actor Lazarus Group targeted a specialized engineering company to steal sensitive intellectual property. The hackers breached the organization’s network by exploiting the Log4j vulnerability, moving laterally to compromise eighteen other computers. The hackers installed a backdoor to steal credentials and exfiltrate sensitive data.
Suspected victims
  • Specialized engineering companies with customers in the military and energy sectors
Suspected state sponsor
  • Korea (Democratic People's Republic of)
Type of incident
  • Financial Theft
Target category
  • Private sector
Victim government reaction
  • Unknown