Microsoft: Lazarus hackers are weaponizing open-source software, Cyber-espionage, Lazarus Group, Malware, North Korea, Open Source, ZINC

Microsoft says the North Korean-sponsored Lazarus threat group is trojanizing legitimate open-source software and using it to backdoor organizations in many industry sectors, such as technology, defense, and media entertainment.

The list of open-source software weaponized by Lazarus state hackers to deploy the BLINDINGCAN (aka ZetaNile) backdoor includes PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and the muPDF/Subliminal Recording software installer.

The PuTTY and KiTTY SSH clients were also used to backdoor targets’ devices in fake job skills assessments, as reported by Mandiant this month.

This trojanized software was used in social engineering attacks from late April to mid-September 2022 and primarily focused on engineers and technical support professionals working at IT and media organizations in the UK, India, and the U.S.

The attackers created “fake profiles claiming to be recruiters working at technology, defense, and media entertainment companies, with the goal of moving targets away from LinkedIn and to the encrypted messaging app WhatsApp for the delivery of malware,” Microsoft said.

“Targets received outreach tailored to their profession or background and were encouraged to apply for an open position at one of several legitimate companies.”

After the targets were tricked into downloading the weaponized software to deploy the malware on their systems, the Lazarus operators used the backdoor for lateral movement and network discovery, with the end goal of stealing sensitive info.

Microsoft: Lazarus hackers are weaponizing open-source software, Cyber-espionage, Lazarus Group, Malware, North Korea, Open Source, ZINC

Recent ZINC campaign (Microsoft)

Mandiant said in its report that the group’s latest activities seem to be a continuation of Operation Dream Job, a North Korean cyber-espionage campaign active since June 2020 when it lured targets from prominent defense and aerospace companies in the U.S. with fake job offers.

The Lazarus Group (also tracked as ZINC, Labyrinth Chollima, and Black Artemis) is a North-Korean military hacking group active since at least 2009.

It gained notoriety after hacking Sony Films in Operation Blockbuster, multiple banks worldwide, and for coordinating the 2017 global WannaCry ransomware campaign.

More recently, Lazarus targeted security researchers in social engineering attacks using elaborate fake “security researcher” social media personas in January and in a similar campaign in March.

They also used the ThreatNeedle backdoor in a large-scale cyber-espionage campaign against the defense industry of over a dozen countries.

The U.S. government sanctioned three DPRK-sponsored hacking groups (Lazarus, Bluenoroff, and Andariel) in September 2019 and now offers a reward of up to $5 million for information on North Korean hackers’ cyber activity.

TECH NEWS RELATED

Project L: Riot's League of Legends Fighting Game Resurfaces With New Gameplay

Project L shares a closer look at its Team Fight.

View more: Project L: Riot's League of Legends Fighting Game Resurfaces With New Gameplay

Starfield will be $70 as Microsoft raises next-gen games prices

Starfield, Redfall, and other Microsoft first-party games will see a price hike to $70 starting in 2023, keeping pace with Sony and Ubisoft's recent increases

View more: Starfield will be $70 as Microsoft raises next-gen games prices

New Sea of Thieves Adventure Goes From Holiday Cheer to a Rather Dark Place in the Span of a Trailer

Today Rare and Microsoft released a cinematic trailer for the next adventure that is coming to Sea of Thieves. The adventure is titled “The Rogue’s Legacy” and the trailer certainly goes from cheerful at the beginning to rather dark at the end. We see the tavern keeper Tasha as ...

View more: New Sea of Thieves Adventure Goes From Holiday Cheer to a Rather Dark Place in the Span of a Trailer

Seriously, Nintendo, It’s Time to Release a Switch Pro

Switch fans deserve an upgrade. That doesn’t mean they’ll get one.

View more: Seriously, Nintendo, It’s Time to Release a Switch Pro

Big Money Investors Turn to These Altcoins as Crypto Market Recovers – What Do They Know?

Adobe Stock / By Igor Faun While stocks continued Friday’s downward trend Monday, Bitcoin and other cryptocurrencies remained relatively steady, though Bitcoin is currently struggling to stay above the $17,000 support. As markets remain unpredictable, this is a great time to follow the lead of many other investors buying ...

View more: Big Money Investors Turn to These Altcoins as Crypto Market Recovers – What Do They Know?

Inflation Hits Gaming: Microsoft Will Start Charging $70 For Its Biggest Titles In 2023

The price increase mirrors other major game makers, particularly Sony's PlayStation division.

View more: Inflation Hits Gaming: Microsoft Will Start Charging $70 For Its Biggest Titles In 2023

Microsoft is ready to fight for its $69 billion Activision deal

Credit: Pixabay/CC0 Public Domain Microsoft Corp. is ready to fight for its $69 billion acquisition of gaming company Activision Blizzard Inc. if the US Federal Trade Commission files a lawsuit seeking to block the deal, according to a person familiar with the matter. The Xbox maker hasn’t had conversations ...

View more: Microsoft is ready to fight for its $69 billion Activision deal

Microsoft Announces Price Hike for First-Party Xbox Games

Microsoft has announced that all their first-party titles will receive a price increase starting in 2023. They will follow suit with PlayStation and Ubisoft, and all upcoming games like Redfall, The Outer Worlds 2, Starfield, and future Forza titles will be $70 on release. However, this will only be ...

View more: Microsoft Announces Price Hike for First-Party Xbox Games

FTC Apparently Split On Microsoft/Activision Decision - Report

First-Party Xbox Series X|S Game Prices Increasing To $70 In 2023

Best Crypto to Buy Today, 5 December

Microsoft to raise price of Xbox Series X/S games in 2023 ahead of Starfield

Microsoft Raising Prices on New, First-Party Games Built for Xbox Series X|S to $70 in 2023 - IGN News - IGN

Google Shutters Its Duplex for Web Ticket Booking Tool

7 Methods To Fix Microsoft Office SDX Helper High Disk or CPU Usage

Adobe Takes an Odd Approach to AI-Generated Stock Images

10 Ways to Fix Amazon Prime Video Doesn’t Play in HD on Browser

First Party Xbox Series X/S Games Will be Priced at $70 Starting 2023

Microsoft Raising Prices on New, First-Party Games Built for Xbox Series X|S to $70 in 2023

Twitter Regains Apple and Amazon Ad Support

OTHER TECH NEWS

Top Car News Car News