Lazarus hackers breach six companies in watering hole attacks - #Lazarus
The North Korean cyber espionage group Lazarus has launched a series of sophisticated attacks targeting the cryptocurrency sector and various industries in South Korea. Their tactics include the 'ClickFake Interview' campaign, which uses fraudulent job interview websites to distribute malware like GolangGhost and FrostyFerret, and the 'Operation SyncHole,' which compromised legitimate South Korean media portals. The group has also exploited the npm ecosystem to distribute malicious packages and employed phishing techniques during video calls. Lazarus has demonstrated adaptability by shifting focus from technical to non-technical roles and utilizing lightweight, modular tools for increased stealth. Their activities have resulted in significant cryptocurrency thefts, including a $1.5 billion hack of Bybit, and the group has shown proficiency in laundering stolen funds through various crypto platforms.