Lazarus hacker group weaponise open-source software against several countries
Open-source software has been weaponised by threat actors connected to North Korea. The Lazarus Group, also known as Zinc, the actor tracked by Microsoft, is said to have carried out the attacks. Targets include media, defense and aerospace, and information technology sectors in the United States, UK, India, and Russia.
Legitimate open-source software has been weaponised by threat actors connected to North Korea and is now being used to target personnel in businesses from a variety of industries, the Microsoft Threat Intelligence Center (MSTIC) warned.
The Lazarus Group, also known Zinc, the actor tracked by Microsoft, is said to have carried out the attacks, the technical write-up stated.
According to the advisory, Zinc has successfully compromised numerous organisations in the media, defense and aerospace, and information technology sectors in the USA, UK, India, and Russia.