- Lazarus was seen poisoning open-source software with infostealers
- The campaign is nicknamed Phantom Circuit and mainly targets European software developers
- Several repositories have been found poisoned with malware
North Korean Lazarus hackers have targeted software developers, in particular those in the Web3 industry, with infostealing malware that takes their credentials, authentication tokens and other valuable data, experts have warned.
Cybersecurity researchers at SecurityScorecard published a report detailing the campaign, which included a software supply chain attack and open-source poisoning.
Lazarus Group, an infamous hacking collective on North Korea's payroll, was seen taking different open-source tools, poisoning them with malicious code, then returning them to code repositories and platforms such as GitLab.
Targeting Web3 developers
Developers would then pick up these tools by mistake and unknowingly be infected with the malware.
The researchers named the campaign Operation Phantom Circuit; it apparently ended up compromising more than 1,500 victims. Most of them are based in Europe, with notable additions from India and Brazil.
The modified repositories apparently included Codementor, CoinProperty, Web3 E-Store, a Python-based password manager and "other applications related to cryptocurrency, authentication packages and Web3 technologies", according to Ryan Sherstobitoff, senior vice president of research and threat intelligence at SecurityScorecard.
The researchers did not say whether Lazarus used a known infostealer in this campaign or built new code from scratch. The group is known to use a wide variety of tools in its attacks.
Lazarus often targets cryptocurrency companies. Some researchers say that the country engages in cryptocurrency theft to finance its state apparatus, as well as its weapons program. The group is famous for its fake job campaign, called Operation DreamJob, in which it targets Web3 software developers with fake lucrative job offers.
During the interview stages, the attackers would encourage the candidate to download and run infostealers, which grab the candidate's tokens and those of their employers. In one such case, Lazarus managed to steal around $600 million.