The Lazarus Group, a North Korea-aligned state-sponsored actor, has launched a new campaign targeting Linux users as part of their long-running Operation Dream Job.
The attack involves distributing a malicious ZIP file containing a Linux backdoor via spear-phishing or direct messages on LinkedIn. ESET identified a link between this campaign and a supply chain attack on VoIP software developer 3CX, which had been in the works since December 2022.
This demonstrates the Lazarus Group’s continued success with staging supply chain attacks and highlights the importance of being aware of social engineering schemes.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply