Cybersecurity researchers from Eset have recently uncovered a new harmful campaign launched by North Korean hackers known as the Lazarus Group. This campaign, supposedly part of the Dreamjob operation, has reportedly targeted Linux users.
Previous waves of Lazarus Group’s harmful activities were aimed at Windows computers and were recorded in March of this year. During that time, several companies were compromised by the Trojan version of the 3CX client, which allowed hackers to steal information.
Yesterday, Mandiant released the final results of its investigation of the 3cx hacking incident, once again linking the attack to North Korean hackers. The report detailed that the 3CX development environment was compromised after one of the employees installed software from Trading Technologies, the installer of which was infected with Trojan.
The Lazarus Dreamjob operation, also known as Nukesped, is an ongoing malicious activity specifically targeting individuals who work with Defi software or platforms. This includes smart contracts that provide financial services without the involvement of traditional financial institutions such as banks or exchanges.
These recent revelations provide a stark reminder of the constant risk faced by businesses and individuals online, and the importance of staying vigilant against malicious cyber activities.