Lazarus Group used ActiveX zero-day vulnerability to attack South Korean security think tank

An ActiveX zero-day vulnerability used in attacks against a South Korean think tank has been connected to Lazarus Group. The target of these attacks was the Sejong Institute, a non-profit South Korean think tank which conducts research on national security. The private organization works with academic institutions worldwide.

The ActiveX zero-day flaw was discovered on the think tank’s website in May by South Korean cybersecurity firm AhnLab. The attack was one amongst many conducted by Andariel Group, an offshoot of Lazarus, which is believed to be linked to North Korea.

Read more about the attack on a non-profit South Korean think tank that has been attributed to North Korean hackers on ZDNet.

Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief