Lazarus malware has been tracked in new campaigns against South Korean supply chains, made possible through stolen security certificates.
On Monday, cybersecurity researchers from ESET revealed the abuse of the certificates, stolen from two separate, legitimate South Korean companies.
Lazarus, also known as Hidden Cobra, is an umbrella term for select threat groups — including offshoot entities — suspected of being tied to North Korea. Thought to be responsible for Sony’s infamous 2014 hack, Lazarus has also been connected to hacks using zero-day vulnerabilities, LinkedIn phishing messages, and the deployment of Trojans in campaigns including Dacls and Trickbot.
Source: ZDNet