In the first known instance of its kind, nation-state actors have been identified infiltrating software supply chains through open source. The infamous Lazarus Group, affiliated with North Korea, used fabricated developer reputations and social engineering to trick victims into installing malicious open-source packages, which were subtly improved over time. The group primarily targeted companies in the blockchain and cryptocurrency sectors. We expect a rise in social engineering tactics aimed at developers, given how easily deceptive yet reputable-looking personas can be created within the ecosystem. This report shares new, previously unpublished IOCs related to this attack. Developer awareness is crucial for countering such threats, and Checkmarx Supply Chain customers are already protected against these attacks. The continuous evolution of these tactics underlines the need for vigilance and proactivity, and the importance of understanding the threat landscape.