GovInfoSecurity Compliance DougOlenick) • April 21, 2021 The form Lazarus uses to lure in its victims (Source: Malwarebytes) Malwarebytes researchers report the North Korean advanced persistent threat group Lazarus rolled out a new weapon during a recent phishing campaign targeting South Korea in which the gang incorporated malicious BMP files in an image-laden document. The malware embedded in the images drops two payloads, and the actual attack takes place after the second has been downloaded. If the attack is successful, the hacker gains the ability to receive and execute commands and shellcode and perform data exfiltration to a command-and-control server, the researchers say.