North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today. The researchers found VHD malware samples between March and May 2020 during two investigations, being deployed over the network with the help of an SMB brute-forcing spreading tool and the MATA malware framework (also known as Dacls) The U.N. Security Council says North Koreans were behind cryptocurrency heists that led to losses of $571 million during 2017 and 2018.
Source: https://www.bleepingcomputer.com/news/security/north-korean-hackers-created-vhd-ransomware-for-enterprise-attacks/