A cascade of compromise: unveiling Lazarus’ new campaign

Earlier this year, a software vendor was compromised by the Lazarus malware delivered through unpatched legitimate software. What’s remarkable is that these software vulnerabilities were not new, and despite warnings and patches from the vendor, many of the vendor’s systems continued to use the flawed software, allowing the threat actor to exploit them.

Upon further investigation, Kaspersky discovered that the software vendor that developed the exploited software had previously fallen victim to Lazarus several times. This recurring breach suggested a persistent and determined threat actor with the likely objective of stealing valuable source code or tampering with the software supply chain, and they continued to exploit vulnerabilities in the company’s software while targeting other software makers.

Read more…
Source: Kaspersky