Sharpshooter is Attacking Nuclear, Defense, Energy, and Financial Businesses: McAfee Says

McAfee says it’s discovered a significant cybercrime performance called”Sharpshooter” which is assaulting nuclear, defense, energy, and financial companies.

The assault is allegedly run by North Korean state-sponsored Investors targeting businesses in the usa, or English-speaking companies across the globe.

At this stage in time, the hackers are not producing any concrete movements, but rather, are concentrated on information collecting, becoming as much info regarding their goal systems as possible.

This seems to be via highly personalized phishing attacks posing as a work recruitment service, sending Word files in localized, Korean which are now hiding malware, letting the hackers to set up an in-memory module which dials a management server.

Next, when the PC handles to link to the host, it is going to download the real malware, known as Rising Sun.

The assault is motivated by the Lazarus Group and their approaches, McAfee states, insinuating that it may be exactly the exact same group this time around, too.

“Operation Sharpshooter’s many technological links into the Lazarus Group look overly clear to instantly draw the conclusion that they’re accountable for the strikes, and rather indicate a possibility of fictitious flags,” McAfee says.