Notorious North Korean-associated hacking group Lazarus has been identified in a new campaign weaponizing legitimate open-source software. The group is leveraging the software to target employees in organizations across multiple industries and countries. Microsoft’s Threat Intelligence Center published an advisory regarding the threat on Thursday. The report states that the attacks were executed by the Lazarus group, which Microsoft tracks as Zinc, against the media, defense, aerospace, and IT services industries in the UK, US, India, and Russia.
According to Microsoft’s research, the campaign successfully compromised a number of the targeted organizations. The campaign began in June 2022, Microsoft reported. Lazarus began the attacks by connecting with individuals on LinkedIn in order to establish trust, and kept the communications going after a successful connection. Because the threat actor uses multiple popular platforms to launch the campaign, it could pose a significant threat to individuals and organizations spanning multiple sectors.