Security News > 2025 > February > Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
2025-02-14 18:28
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that's associated with a profile named "
News URL
https://thehackernews.com/2025/02/lazarus-group-deploys-marstech1.html
Related news
- Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99 (source)
- Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks (source)
- Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign (source)
- North Korea targets crypto developers via NPM supply chain attack (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)