![]() Malware Disguised as Legitimate Software: Bogus LinkedIn profiles have been used to lure targets into opening malware-laced documents disguised as job offers, with the ongoing North Korean espionage campaign first documented in 2020 by ClearSky Security. This marked the first time Lazarus had targeted Linux users. Security firm ESET published research highlighting the connection between the 3CX supply-chain attack and Linux-based malware deployed through fake job offers from phony executive profiles on LinkedIn. This eventually led to the deployment of a password-stealing program called ICONICSTEALER.Mandiant concluded that the 3CX attack was orchestrated by the North Korean state-sponsored hacking group known as Lazarus, a determination that was independently reached earlier by researchers at Kaspersky Lab and Elastic Security. The compromised 3CX software downloaded malware that sought instructions from encrypted icon files hosted on GitHub. Mandiant, along with Kaspersky Lab and Elastic Security, attributed the attack to the North Korean state-sponsored hacking group known as Lazarus. Attribution to North Korea’s Lazarus Group: The double supply chain compromise that led to malware being pushed out to some 3CX customers. This is the first time Mandiant has seen a software supply chain attack lead to another software supply chain attack,” reads the April 20 Mandiant report. The attackers used the employee’s corporate credentials to infiltrate 3CX’s network through a VPN and subsequently compromise both the Windows and macOS build environments. ![]() Mandiant’s report described this as the first instance of a software supply-chain attack leading to another. Incident response firm Mandiant was hired to investigate the breach, and their report showed that the compromise began in 2022 when a 3CX employee installed a malware-laced software package from an earlier software supply-chain compromise. In March 2023, 3CX revealed that their desktop applications for both Windows and macOS had been compromised, allowing attackers to download and run code on all machines where the app was installed. With 3CX having over 600,000 customers and 12 million users across various industries, the implications of this breach are vast and far-reaching. In a complex and elaborate operation, North Korean hackers employed fake LinkedIn profiles, malware targeted at Mac and Linux users, and nested software supply-chain attacks to infiltrate the company. The recent supply-chain attack on VoIP software provider 3CX has all the makings of a cyberpunk spy novel. ![]() Malware Disguised as Legitimate Software:.Attribution to North Korea’s Lazarus Group:.Cyberware īasic processor, interface plugs, smartgun link, chipware socket, basic cyberoptic, targeting scope, teleoptics, Low Lite™, Times Square Marquee, basic cyberaudio, amplified hearing, radio link, scrambler, wide band radio scanner. 4, Expert Black Operations 5, Expert Commando Operations 5, Hide/Evade 6, Shadow/Track 6, Teaching 4, Wilderness Survival 4, Driving 6, Pilot Fixed Wing 4, Handgun 7, Rifle 7, Submachinegun 4, Melee 5, Stealth 4, Demolitions 8, Elect. Skills Ĭombat Sense 7, Resist Torture/ Drugs 3, Awareness/ Notice 7, Education and Gen Know. The elder Llewellyn encourages his son's friendship with Lazarus, believing that his son lacks knowledge of his plans, and that the relationship will make Lazarus more trusting, and therefore vulnerable. If he becomes more certain, he will attempt to warn Lazarus of the imminent betrayal. He is, however, beginning to suspect the former Brigadiers ambitions. Lazarus loves the boy, and treats him like the son he never had.Ĭaptain Llewellyn is not in on his father's plan to oust Lazarus. He and Colonel Emile Lazarus have been friends ever since Lazarus became acquainted with his father, and he thinks of Lazarus as an uncle. Edward is a fine young man, raised in the best spirit of the military tradition. He is now a special operations agent and cadre trainer for the Lazarus group. Edward Llewellyn is Douglas Llewellyn's handsome 26 year old son, a graduate of Cambridge University and the British SAS commando school.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |