North Korean hackers corrupt open-source app to hijack computers in novel attack
Attack linked to Lazarus Group uses malware-laced client as lure to gain access, researchers say
Hackers linked to North Korea are using a malicious version of a popular open-source application as a novel lure to hijack computers, researchers at cybersecurity firm Mandiant warned in a report published on Wednesday.
According to the researchers, North Korean hacking syndicate UNC4034, also known as Lazarus Group or APT38, injected malware into an application widely used to connect computers. The altered copy of the application, a client called PuTTY, includes a so-called backdoor that ultimately gives the attackers full control over the compromised computer.
“There is some evidence to suggest they could be targeting users in technical or