Tag

Fudmodule Rootkit

All articles tagged with #fudmodule rootkit

"North Korean Lazarus Group Exploits Windows Kernel Zero-Day for Rootkit Attack"

Originally Published 1 year ago — by The Hacker News

Source: The Hacker News

The Lazarus Group exploited a recently patched Windows Kernel flaw, CVE-2024-21338, as a zero-day to gain kernel-level access and disable security software on compromised hosts. This allowed them to run the FudModule rootkit, which can disable security solutions and manipulate Windows components. The attack showcases the group's technical sophistication and cross-platform focus, as they also target Apple macOS systems. This incident highlights the ongoing threat posed by the Lazarus Group as one of the most prolific and advanced persistent threat actors in the cybersecurity landscape.