Article 647D2 Numerous orgs hacked after installing weaponized open source apps

Numerous orgs hacked after installing weaponized open source apps

by
Dan Goodin
from Ars Technica - All content on (#647D2)
north-korea-hacking-800x534.jpeg

Enlarge (credit: Getty Images)

Hackers backed by the North Korean government are weaponizing well-known pieces of open source software in an ongoing campaign that has already succeeded in compromising "numerous" organizations in the media, defense and aerospace, and IT services industries, Microsoft said on Thursday.

ZINC-Microsoft's name for a threat actor group also called Lazarus, which is best known for conducting the devastating 2014 compromise of Sony Pictures Entertainment-has been lacing PuTTY and other legitimate open source applications with highly encrypted code that ultimately installs espionage malware.

The hackers then pose as job recruiters and connect with individuals of targeted organizations over LinkedIn. After developing a level of trust over a series of conversations and eventually moving them to the WhatsApp messenger, the hackers instruct the individuals to install the apps, which infect the employees' work environments.

Read 10 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments