Gen, which is a rollup of consumer brands Norton, Avast, LifeLock and Avira, posted a sparse note linking the exploitation to Lazarus via the use of the FudModule rootkit.
https://www.gendigital.com/blog/news/innovation/protecting-windows-users
Avast previously documented FudModule as part of the Lazarus APT toolkit that included an admin-to-kernel Windows zero-day exploit dating back to February.
This is one of six zero-days marked as exploited by Microsoft in the August Patch Tuesday bundle.
https://www.securityweek.com/microsoft-warns-of-six-windows-zero-days-being-actively-exploited/
Security experts also believe a second flaw (CVE-2024-38178) is being used by North Korean APT groups to target victims in South Korea.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178