
4 Popular Open-Source Software Hijacked by North Korean Hackers

ZetaNile

A new and infamous hacker group from North Korea known as Lazarus Group is taking advantage of vulnerabilities in popular open-source software and recruitment platforms like LinkedIn to carry out targeted attacks on media, defense, and aerospace, as well as IT and services industries.

Lazarus Group, also known as ZINC, engages in highly sophisticated social engineering attacks on employees of a targeted company or organization, using a fake job offer to make them download and run this open-source software, which contains malware that installs spyware on the machine. The members of ZINC pose as recruiters and offer people lucrative job opportunities.

So far it is confirmed that Lazarus has managed to compromise PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording.

The compromised version of the software is designed to avoid being detected. It’s only when the software connects to a specific IP address, and logs in using a special set of login credentials, that the software initiates the ZetaNile espionage malware.

Lazarus Group is a state-sponsored hacker group that has managed to compromise numerous companies and organizations since June 2022.

Previously, the group has been targeting crypto developers and artists by pretending to be recruiters for Crypto.com and Coinbase.

According to the Microsoft Security Threat Intelligence and LinkedIn Threat Prevention and Defense teams, ZINC could pose a significant threat to individuals and companies across the globe because its campaigns rely on widely used open-source software and on platforms like LinkedIn.
