"North Korean Lazarus Group Exploits Windows Kernel Zero-Day for Rootkit Attack"

TL;DR Summary
The Lazarus Group exploited a recently patched Windows kernel flaw, CVE-2024-21338, as a zero-day to gain kernel-level access and disable security software on compromised hosts. That access allowed them to run the FudModule rootkit, which can disable security solutions and manipulate Windows components. The attack showcases the group's technical sophistication and cross-platform focus, as they also target Apple macOS systems. The incident highlights the ongoing threat posed by the Lazarus Group, one of the most prolific and advanced persistent threat actors in the cybersecurity landscape.
- Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks (The Hacker News)
- Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack (SecurityWeek)
- Lazarus hackers exploited Windows zero-day to gain Kernel privileges (BleepingComputer)
- Lazarus APT exploited zero-day in Windows driver to gain kernel privileges (Security Affairs)
- Windows Kernal Flaw Exploited by Lazarus Group | by Ghazali | Feb, 2024 (Medium)