The latest set of attacks documented by Kaspersky involve the second method, with the adversary making use of a completely revamped infection chain delivering a trojanized VNC utility under the pretext of conducting a skills assessment for IT positions at prominent aerospace and defense companies. This reflects the sophisticated tactics employed by the Lazarus Group in targeting high-value sectors.
Lazarus is interested in carrying out supply chain attacks as part of the DeathNote campaign, but this is mostly limited to two methods: the first is by sending a malicious document or trojanized PDF viewer that displays the tailored job descriptions to the target. The analysis highlights the diverse approaches these cyber adversaries take to manipulate their targets.
Collection
[
|
...
]