North Korean Lazarus hackers launch large-scale cyberattack by cloning open source software
Posted by:
Sarah Collins
Notorious North Korean hacking group Lazarus has been identified targeting software developers, especially in the Web3 sector, with infostealing malware. The attack campaign, named Phantom Circuit, involved infiltrating open-source tools with malicious code and distributing them through repositories like Gitlab. Over 1,500 victims in Europe, India, and Brazil fell prey to the poisoned repositories, containing popular tools like Codementor and CoinProperty. Lazarus, known for cyber theft to support state activities, particularly cryptocurrency-related, exploit vulnerabilities in software supply chains to gain valuable data. Their tactics range from fake job offers to sophisticated infostealers, resulting in significant financial losses. The group’s versatility in using various tools in their attacks emphasizes the importance of cybersecurity vigilance for developers and organizations alike.
Recent Posts1
Top 5 ways you can use Google Gemini to be more creative
February 6, 2025
