North Korea hackers poison popular application to compromise over 100 devices
Supply chain attack used validated software in sign of Lazarus Group’s increasing ‘sophistication,’ expert says
North Korean cybercriminals compromised over 100 devices worldwide by deploying a malicious version of a Taiwanese application, according to security researchers.
Microsoft Threat Intelligence reported Wednesday that Lazarus Group used a variant of an application installer developed by CyberLink Corp. for the supply chain attack.
CyberLink’s software is widely used for functions such as video playback and editing, business communications and facial recognition, and Microsoft said this campaign affected devices in numerous countries including Japan, Taiwan, Canada and the U.S.
Researchers attributed the campaign with “high confidence” to Lazarus, which Microsoft tracks
- 01What North Korea’s official budget reveals about its spending priorities in 2024
- 02How North Korean aggression and the Taiwan election complicate China-DPRK ties
- 03Satellite imagery shows Kim Jong Un’s east coast yacht, missile test activities
- 04State media review: North Korean festivals build up to former leader’s birthday
- 05Survey shows markets reign supreme in the daily lives of North Koreans
- 06What to make of North Korea’s apparent interest in naval nuclear propulsion
- 07How North Korean defectors shape the policies of countries where they settle
- 08Slump in life insurance sector points to unreported COVID deaths in North Korea