North Korean State-sponsored Hackers Use BMP Images To Hide Trojans

Hackers from North Korean APT group Lazarus are hiding the malicious code within .bmp images to drop RATs (Remote Access Trojans) to steal sensitive data from their targets. Hackers bait users by fake participation application form for a fair in one of the South Korean cities which asks users to enable macros upon opening it for the first time. If user falls for the bait, the remote code execution starts, dropping an executable called "AppStore.exe." Read more...