
Hackers exploit Windows 0-day exploits that Microsoft has known about for 6 months


The North Korean hacker group known as Lazarus is back in the news.

As has emerged in recent days, the collective of cybercriminals spent six months exploiting a Windows zero-day that Microsoft knew about but for which it did not promptly issue an adequate patch. Even after the Redmond company patched the vulnerability last month, it never admitted that Lazarus had actually abused it.

Starting last August, the hackers installed a rootkit on vulnerable computers, with the malware gaining full access to the Windows kernel with relative ease. As reported by Jan Vojtesek, a researcher at Avast, according to Microsoft's Security Service Policy an administrator-to-kernel escalation does not pose an immediate threat. This explains the great calm with which the company faced the problem.

All things considered, Microsoft's policies turned out to be a real advantage for Lazarus. The cybercriminals installed a custom rootkit known as FudModule, which exploited precisely this gap.

Windows 0-day exploit: The kernel is not a security priority for Microsoft

The vulnerability, cataloged as CVE-2024-21338, was reported to Microsoft last August, complete with all the relevant documentation. Despite this, the developers apparently dealt with it only recently.

Certainly, during this period Lazarus was able to refine its attack, strengthening its position on Windows systems that were already compromised and unpatched. Despite the flood of criticism directed at Microsoft, there are also those who take a more moderate position.

Take, for example, Will Dormann, senior vulnerability analyst at the security company Analygence. In a statement, Dormann said that six-month waits to patch exploits are common, although the scope of the threat could make the patch timing much less acceptable.

Microsoft, for its part, did not want to make official statements on the matter. Of course, now that the vulnerability has been made public, the risk is that other cybercriminals will follow Lazarus’ example and try to exploit it to their advantage.
