
Open-source software exploited by Lazarus affiliate in new malware attacks

Open-source software, including KiTTY, PuTTY, Sumatra PDF Reader, TightVNC, and the muPDF/Subliminal Recording installer, is being leveraged by Lazarus affiliate ZINC in new malware attacks, according to SecurityWeek. Employees of U.S., U.K., Russian, and Indian media, aerospace, and defense organizations are being targeted by the hacking operation through communications on LinkedIn, a Microsoft report revealed. While ZINC has traditionally used spear-phishing, it has since added social engineering and website compromises to its tactics. "Beginning in June 2022, ZINC employed traditional social engineering tactics by initially connecting with individuals on LinkedIn to establish a level of trust with their targets. Upon successful connection, ZINC encouraged continued communication over WhatsApp, which acted as the means of delivery for their malicious payloads," said Microsoft. Widespread usage of the open-source software leveraged in the operation should prompt urgent concern among organizations. "[This] could pose a significant threat to individuals and organizations across multiple sectors and regions," added Microsoft.
