Thursday
Kaspersky warns of more fake supply chain attacks
More fake supply chain attacks are expected given the heightened cyberheist activities of the notorious Lazarus group, Russian cybersecurity firm Kaspersky Lab AO said Thursday.
Seonsgu Park, Kaspersky’s senior security researcher in the Global Research and Threat Analysis Team (GReAT), warned that more fake supply chain attacks are expected.
“With major attacks up its sleeves—such as the Bangladesh Bank heist and the WannaCry ransomware, to name a few—the Lazarus group is like a constant presence in the world of cybersecurity and it is getting quite adept at hiding and spreading its evil schemes,” said Park.
Kaspersky found that the Lazarus group—an advanced persistent threat (APT)—has developed new malicious operations which at first glance looks like a supply chain.
Dubbed as AppleJesus, the APT’s attack compromised users through the Trojanized trading application Celas Trade Pro, developed by a legitimate company Celas Limited.
Once Trojanized, a software is infected by a malware which, once activated, enables cybercriminals to spy on users, steal sensitive data, and gain backdoor access to systems.
“The extensive effort it exerts to create malware for the supposedly safer MacOS environment, and the intricate details needed to create a legitimate-looking application and software company, prove it is far from stopping,” said Park.
“There are more attacks to come, and we had better be ready because it won’t get any easier,” he warned.
Kaspersky said individuals should be more prudent in choosing third-party vendors and more cautious in trusting legitimate-looking software applications, certificates, and developers.
“We have observed how the Lazarus group has constantly evolved—from waging cyber espionage campaigns worldwide to financial attacks against major banks. Last year, we warned that they are not after your data anymore. And indeed, they aren’t,” said Park.
“These state-backed attackers are now ramping up the sophistication of their attacks and widening their reach to steal more money and trick the cybersecurity industry,” he said. —Jon Viktor Cabuenas/VDS, GMA News
source: gmanetwork.com