North Korea hackers poison popular application to compromise over 100 devices



News North Korea hackers poison popular application to compromise over 100 devices Supply chain attack used validated software in sign of Lazarus Group’s increasing ‘sophistication,’ expert says Shreyas Reddy November 24, 2023 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON An illustration of a grid of compromised computers \| Image: NK Pro North Korean cybercriminals compromised over 100 devices worldwide by deploying a malicious version of a Taiwanese application, according to security researchers. Microsoft Threat Intelligence reported Wednesday that Lazarus Group used a variant of an application installer developed by CyberLink Corp. for the supply chain attack. CyberLink’s software is widely used for functions such as video playback and editing, business communications and facial recognition, and Microsoft said this campaign affected devices in numerous countries including Japan, Taiwan, Canada and the U.S. Researchers attributed the campaign with “high confidence” to Lazarus, which Microsoft tracks Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01How China could benefit from North Korea’s troop deployment to Ukraine 02New North Korean ICBM delivers big political message, and likely bigger payloads 03How North Korea-Russia ties will challenge next US president, no matter who wins 04What to make of the stunning collapse in value of North Korean won 05What to know about Kim Yong Bok, the man leading North Korean troops in Russia 06If Trump: How erratic leader’s reelection could scramble North Korea policy 07North Korea’s admission of drone incursion exposes glaring gaps in air defenses 08The war in Ukraine is transforming how Europe perceives North Korean threats

News

North Korea hackers poison popular application to compromise over 100 devices

Supply chain attack used validated software in sign of Lazarus Group’s increasing ‘sophistication,’ expert says

Shreyas Reddy November 24, 2023

North Korea hackers poison popular application to compromise over 100 devices

An illustration of a grid of compromised computers | Image: NK Pro

North Korean cybercriminals compromised over 100 devices worldwide by deploying a malicious version of a Taiwanese application, according to security researchers.

Microsoft Threat Intelligence reported Wednesday that Lazarus Group used a variant of an application installer developed by CyberLink Corp. for the supply chain attack.

CyberLink’s software is widely used for functions such as video playback and editing, business communications and facial recognition, and Microsoft said this campaign affected devices in numerous countries including Japan, Taiwan, Canada and the U.S.

Researchers attributed the campaign with “high confidence” to Lazarus, which Microsoft tracks

01How China could benefit from North Korea’s troop deployment to Ukraine
02New North Korean ICBM delivers big political message, and likely bigger payloads
03How North Korea-Russia ties will challenge next US president, no matter who wins
04What to make of the stunning collapse in value of North Korean won
05What to know about Kim Yong Bok, the man leading North Korean troops in Russia
06If Trump: How erratic leader’s reelection could scramble North Korea policy
07North Korea’s admission of drone incursion exposes glaring gaps in air defenses
08The war in Ukraine is transforming how Europe perceives North Korean threats

North Korea hackers poison popular application to compromise over 100 devices

LATEST ANALYSIS

Similar Articles

About the Author

Shreyas Reddy