North Korean cyberspies trick developers into installing malware with fake job interviews
- by nlqip
In November, the Lazarus group, North Korea’s primary cyberespionage and sabotage arm, compromised a Taiwanese multimedia software company called CyberLink and trojanized the installer for one of its commercial applications. In February, Japan’s CERT reported that Lazarus uploaded malicious Python packages to PyPI, the official Python package repository.
One of the dangers of campaigns like DEV#POPPER is that some victims who fall for the fake job interview lure are current employees looking for better opportunities. As such, they likely have credentials and information about projects as part of their current jobs, highlighting the importance of treating developer machines as critical assets with strict access control and monitoring.
“Based on the gathered telemetry, no specific trend in victimology was identified,” the Securonix researchers wrote in their new report. “However, analysis of the collected samples revealed victims are primarily scattered across South Korea, North America, Europe, and the Middle East, indicating that the impact of the attack is widespread.”
Source link
lol
In November, the Lazarus group, North Korea’s primary cyberespionage and sabotage arm, compromised a Taiwanese multimedia software company called CyberLink and trojanized the installer for one of its commercial applications. In February, Japan’s CERT reported that Lazarus uploaded malicious Python packages to PyPI, the official Python package repository. One of the dangers of campaigns like…
Recent Posts
- Windows 10 KB5046714 update fixes bug preventing app uninstalls
- Eight Key Takeaways From Kyndryl’s First Investor Day
- QNAP pulls buggy QTS firmware causing widespread NAS issues
- N-able Exec: ‘Cybersecurity And Compliance Are A Team Sport’
- Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’