In what experts call a "highly operational, destructive, and sophisticated nation-state activity group" with strong links to the Kim regime, North Korea has been working hard to weaponize open-source software since June 2022.
Microsoft, LinkedIn, and other companies are sharing that they've found these recent threats connected to the North Korean cyber group known as Lazarus, which is working under the alias name Labyrinth Chollima. These attacks aren't limited to the west, with industries ranging from media companies, defence and aerospace departments, and IT firms from Russia, the UK, and India.
Zinc, a giant in the cybercriminal underground world, is working to leverage a "wide range of open-source software including PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software installer for these attacks.
Information from Crowdstike states that Zinc "has been active since 2009 in operations aimed at collecting political, military, and economic intelligence on North Korea's foreign adversaries and conducting currency generation campaigns."
Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the tech world.