Lazarus malware has reportedly been tracked in new campaigns against South Korean supply chains, made possible by stolen security certificates.
Today, cybersecurity researchers from ESET revealed the abuse of the certificates, stolen from two separate, legitimate South Korean companies. In this supply chain attack, the threat actors are using an “unusual supply chain mechanism,” ESET says, in which Lazarus is abusing a standard requirement for South Korean internet users — the need to install additional security software when they visit government or financial services websites.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.