Quote:Microsoft has attributed a recently discovered campaign to target security researchers with custom malware through elaborate socially-engineered attacks to an APT group affiliated with North Korea-linked Lazarus Group.
Google’s Threat Analysis Group (TAG) on Monday already sounded a warning about the attacks, which play the long game and leverage social media to set up trust relationships with researchers and then infect their systems with malware through either malicious web pages or collaborative Visual Studio projects. The attackers appear so far only to be targeting researchers using Windows machines.
Given Microsoft’s connection to the attacks, researchers from the Microsoft 365 Defender Threat Intelligence Team revealed Thursday in a blog post what they have seen of the campaign. They attributed the attacks to ZINC–a threat group associated with Lazarus–and said they first observed the malicious activity after Microsoft Defender for Endpoint detected an attack in progress.
Researchers said with “high confidence” that the campaign—which they saw targeting “pen testers, private offensive security researchers, and employees at security and tech companies”–looks like the work of ZINC because of its “observed tradecraft, infrastructure, malware patterns, and account affiliations.”
Read more: https://threatpost.com/lazarus-affiliate...er/163474/
![[-]](https://www.geeks.fyi/images/collapse.png)
