Jump to content

Ars Technica - Numerous orgs hacked after installing weaponized open source apps


Neo
 Share

Recommended Posts

Numerous orgs hacked after installing weaponized open source apps

Enlarge (credit: Getty Images)

Hackers backed by the North Korean government are weaponizing well-known pieces of open source software in an ongoing campaign that has already succeeded in compromising "numerous" organizations in the media, defense and aerospace, and IT services industries, Microsoft said on Thursday.

ZINC—Microsoft's name for a threat actor group also called Lazarus, which is best known for conducting the devastating 2014 compromise of Sony Pictures Entertainment—has been lacing PuTTY and other legitimate open source applications with highly encrypted code that ultimately installs espionage malware.

The hackers then pose as job recruiters and connect with individuals of targeted organizations over LinkedIn. After developing a level of trust over a series of conversations and eventually moving them to the WhatsApp messenger, the hackers instruct the individuals to install the apps, which infect the employees' work environments.

Read 10 remaining paragraphs | Comments

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share