North Korean hackers, linked to the Lazarus Group, are targeting energy and aerospace industries using a new backdoor malware called MISTPEN. Their tactic involves job-themed phishing attacks, using a trojanized PDF reader to deliver malware.
Key Points:
• Target sectors: Energy and aerospace industries globally.
• Malware: MISTPEN delivered via BURNBOOK launcher.
• Attack method: Phishing emails disguised as job offers.
• Malware behaviour: Installs backdoor, capable of downloading malicious files.