[German]The state hacker group Lazarus, attributed to North Korea, seems to have changed its strategy and is trying to attack software supply chains. It is possible that many dependent systems could be infected via such supply chain attacks. Security researchers from Kaspersky have observed corresponding activities in this direction.
Advertising
I became aware of the issue via the following tweet der from colleagues. Bleeping Computer elaborated on it in more detail in this article.
Kaspersky security researchers observe that the North Korean-sponsored hacking group Lazarus is expanding its capabilities to attack supply chains. For example, Lazarus used a new variant of the BLINDINGCAN backdoor to attack a South Korean think tank in June. Back in May 2021, this backdoor was used in an attack on a Latvian IT provider. More details may be obtained from the APT trends report Q3 2021, dated October 26, 2021.
