"North Korea's Lazarus Group Targets IT Supply Chains with MATA Malware"

The North Korea-backed Advanced Persistent Threat (APT) group Lazarus is now using improved malware variants. Lazarus is known for conducting state-sponsored cyberespionage. The Lazarus group's latest supply chain attack campaigns have been found targeting multiple downstream companies. Cybersecurity experts have found that the attackers behind the Lazarus group used MATA malware, and backdoors called Blindingcan and Copperhedge to attack the defense sector, a software solutions vendor in Latvia, and a think tank in South Korea. Previously, the Lazarus group used MATA malware to attack commerce and IT firms in India, South Korea, Poland, Germany, Turkey, and Japan to deliver ransomware and steal information. However, in the latest campaign, the group used MATA malware for cyberespionage activities. A Trojanized version of the malware was used to carry out a multi-staged infection chain. The latest malware campaigns show that the group is growing increasingly interested in leveraging trusted IT supply chain vendors to infiltrate corporate networks. This article continues to discuss findings surrounding the Lazarus Group's recent targeting of IT supply chains. 

CISO MAG reports "North Korea's Lazarus Group Targets IT Supply Chains with MATA Malware"