Ransomware attack on Brazil Nuclear Power Facility via Vulnerability

384

Reuters’ published a news article saying Brazil’s electro-nuclear power plant was hit by a ransomware attack, bringing down the operations to a halt on a partial note. And an official confirmation says that the attack was launched by notorious North Korean Lazarus hacking group that is known for its social engineering attacks such as the Wannacry 2017.

Later security firm ENKI said that Lazarus could have carried out the latest file encrypting malware attack by exploiting a zero day vulnerability in Internet Explorer browser of Windows operating system.


Another security firm Barracuda Networks said that the attack was highly sophisticated, disrupting some components related to operations. However, business systems and control systems remained unaffected.

Note- Lazarus group aka Guardians of Peace is a Cybercrime group that is being funded by North Korean intelligence- as per US Intelligence. Also known with the names Hidden Cobra and Zinc, the cyber crime group is known to hack critical infrastructure, thus making money through double extortion techniques. The Wannacry 2017 cyber attack was also launched by the same cyber criminal group that was later found to have exploited the EternalBlue vulnerability detected in Windows 7 operating systems. AstraZeneca that is now busy into the production of Corona Virus Vaccine was hit by a cyber incident by the same hacking group in November 2020. However, no critical data was compromised in the incident. As per a source from Russian Cybersecurity firm Kaspersky, most of the hackers belonging to Lazarus are sent to China to get special training in cyber warfare. And all the expenses are borne by the Kim Jung UN led nation who steals cryptocurrency to fund its nuclear programs.