Open-source software, including KiTTY, PuTTY, Sumatra PDF Reader, TightVNC, and the muPDF/Subliminal Recording installer, is being leveraged by Lazarus affiliate ZINC in new malware attacks, according to SecurityWeek.
The hacking operation is targeting employees of media, aerospace, and defense organizations in the U.S., U.K., Russia, and India through communications on LinkedIn, a Microsoft report revealed. While ZINC has traditionally used spear-phishing, it has since added social engineering and website compromises to its tactics.
"Beginning in June 2022, ZINC employed traditional social engineering tactics by initially connecting with individuals on LinkedIn to establish a level of trust with their targets. Upon successful connection, ZINC encouraged continued communication over WhatsApp, which acted as the means of delivery for their malicious payloads," said Microsoft.
Widespread usage of the open-source software leveraged in the operation should prompt urgent concern among organizations.
"[This] could pose a significant threat to individuals and organizations across multiple sectors and regions," added Microsoft.