News North Korea hackers poison popular application to compromise over 100 devicesSupply chain attack used validated software in sign of Lazarus Group’s increasing ‘sophistication,’ expert says North Korean cybercriminals compromised over 100 devices worldwide by deploying a malicious version of a Taiwanese application, according to security researchers. Microsoft Threat Intelligence reported Wednesday that Lazarus Group used a variant of an application installer developed by CyberLink Corp. for the supply chain attack. CyberLink’s software is widely used for functions such as video playback and editing, business communications and facial recognition, and Microsoft said this campaign affected devices in numerous countries including Japan, Taiwan, Canada and the U.S. Researchers attributed the campaign with “high confidence” to Lazarus, which Microsoft tracks © Korea Risk Group. All rights reserved. |