North Korea’s Lazarus Group Launches Global Supply Chain Attack Targeting Developers

 

North Korea’s notorious hacking collective, Lazarus Group, has orchestrated a large-scale supply chain attack, compromising hundreds of victims worldwide, according to cybersecurity researchers. The operation, named Phantom Circuit, remains active as of this month.
The group injected malicious backdoors into cloned versions of legitimate open-source software and developer tools, primarily targeting professionals in the cryptocurrency industry. These tampered projects were then distributed via platforms like GitLab, leading unsuspecting developers to download and execute the compromised code, effectively exposing their systems.
According to SecurityScorecard, which uncovered and analyzed the attack, the campaign has unfolded in multiple waves:
  • November 2024: 181 developers, mostly in the European tech sector, were targeted.
  • December 2024: The attack expanded to 1,225 victims, including 284 in India and 21 in Brazil.
  • January 2025: An additional 233 individuals were affected, with 110 in India’s technology sector alone.
The stolen data includes credentials, authentication tokens, passwords, and system information, posing severe security risks for organizations and individuals alike.
The hackers leveraged open-source repositories, in particular by forking existing projects and inserting malicious code into the forks.

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
