Security News > 2023 > November > Microsoft: Lazarus hackers breach CyberLink in supply chain attack

Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.
According to Microsoft Threat Intelligence, activity suspected to be linked with the altered CyberLink installer file surfaced as early as October 20, 2023.
Microsoft security experts have attributed this supply chain attack with high confidence to a North Korean cyberespionage group tracked by Redmond as Diamond Sleet.
After detecting a supply chain attack, Microsoft informed CyberLink and is also notifying Microsoft Defender for Endpoint customers who were affected by the attack.
Microsoft also reported the attack to GitHub, which removed the second-stage payload as per its Acceptable Use Policies.
The group is thought to be behind many high-profile cyber attacks, including the 2014 Sony Pictures hack, the WannaCry ransomware attack of 2017, and the largest crypto hack ever in 2022.
News URL
Related news
- Silk Typhoon hackers now target IT supply chains to breach networks (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- GitHub supply chain attack spills secrets from 23,000 projects (source)