Best Top Reviews Online

Open Source Software Hijacked By North Korean Hackers

Microsoft security experts warn that Lazarus is back.

Lazarus Group, a well-known North Korean threat actor, has been observed carrying out a highly sophisticated, targeted malware attack that involves compromising popular open-source software and running spear phishing campaigns.

As a result, it has managed to compromise “numerous” organizations in the media, defense, aerospace, IT, and services industries, according to a Microsoft report.

According to the company, Lazarus (also known as ZINC) compromised PuTTY, among other open-source applications, with malicious code that installs spyware. PuTTY is a terminal emulator, serial console, and network file transfer application that is free and open source.

Installing ZetaNile

However, simply compromising open-source software does not guarantee access to the target organization’s endpoints; users must still download and run the software. This is where spear-phishing comes into play. Threat actors use a highly targeted social engineering attack on LinkedIn to convince specific individuals working at target companies to download and run the app. Members of the group pose as recruiters on LinkedIn, offering people lucrative job opportunities.

The app was designed specifically to avoid detection. The ZetaNile espionage malware is only launched when the app connects to a specific IP address and logs in with a unique set of login credentials.

In addition to PuTTY, Lazarus compromised KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording.

“Since June 2022, the actors have successfully compromised numerous organizations,” members of the Microsoft Security Threat Intelligence and LinkedIn Threat Prevention and Defense teams wrote in a blog post. “Because of the widespread use of the platforms and software used by ZINC in this campaign, ZINC could pose a significant threat to individuals and organizations in a variety of sectors and regions.”

Lazarus is no stranger to bogus job offers. After all, the group has been doing the same thing for crypto developers and artists, posing as recruiters for companies like Crypto.com and Coinbase.


The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.


© 2022 BestTopReviewsOnline.com Pty. Ltd. All Rights Reserved. Licensing: All third-party trademarks, images, and copyrights used on this page are for comparative advertising, criticism, or review. As this is a public forum where users can express their opinions on specific products and businesses, the opinions expressed do not reflect those of BestTopReviewsOnline.com.