The threat actor is tracked by the tech giant as Diamond Sleet (Zinc). Previously described as a sub-group of the notorious Lazarus, the hacker gang has been conducting attacks for data theft, espionage, destruction and financial gain.
The hackers compromised the company's systems and modified a legitimate application installer. They added malicious code designed to download, decrypt and load a second-stage payload.
Microsoft has made available indicators of compromise (IoCs) to help defenders detect Diamond Sleet activity on their network.
[
add
]
[
|
|
...
]