GitHub warns of Lazarus Group’s social engineering campaign targeting developers
« Social engineering is a type of psychological attack that exploits human behavior and its cognitive biases. It generally consists of tricking the victim into divulging sensitive information that could be used for fraudulent or criminal purposes. » This is the definition provided on the website of the well-known security software AVG.
IBM, for its part, gives us concrete examples: « An email appearing to come from a trusted provider who asks you to update your credit card information, a threatening voice message from someone posing as a tax authority, or a foreign potentate offering to help you with your debt or enrich yourself: these are just a few examples of social engineering. » According to GitHub, Lazarus Group uses this technique to deceive developers.
Lazarus Group, a group of hackers
Lazarus, then, is a group of hackers. But this group is one of a kind: it benefits from almost official sponsorship from North Korea. This entity affiliated with the North Korean state is also accused of having perpetrated a theft of 80 million USD targeting the Bangladesh Bank.
For several years, the group seems to have been focusing on the crypto ecosystem. Its members are said to be responsible for numerous crypto exploits. According to an article published on Le Journal du Coin on October 9, 2023: « Of the last 5 attacks attributed to Lazarus, 4 targeted centralized platforms… In total, over the last 104 days, Lazarus Group would be behind the theft of more than 240 million dollars in cryptocurrencies. »
This misdeed is in addition to the theft of more than 617 million USD in USDC and Ethereum tokens via a game built on Axie Infinity.
GitHub warns us about Lazarus Group
According to GitHub, Lazarus Group is currently using social engineering to achieve its ends. Using this technique, these malicious individuals access the accounts of employees of technology companies. They then use these accounts to contact developers. Their main targets operate in the following sectors:
- Cryptocurrencies;
- Cyber security;
- Online gambling.
These North Korean hackers take their time to establish a relationship of trust with their interlocutors. Then, they invite them to collaborate on a project. They then claim that this requires cloning a GitHub repository. These projects reportedly pull in malicious npm dependencies. Malware is then installed on victims’ devices.
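One way to review a cloned project before running `npm install`, as an added example that is not from GitHub's warning or from this article's author: it flags lifecycle scripts and dependencies that run install scripts or resolve from outside the public npm registry. The function name `reviewProject`, the package names and the URLs are constructed for illustration; the lockfile fields `hasInstallScript`, `resolved` and `integrity` are those of npm lockfile versions 2 and 3.

```javascript
// Added example: inspect package.json and package-lock.json of a cloned project
// before installing. All package names and URLs below are constructed sample data.
const LIFECYCLE = ["preinstall", "install", "postinstall", "prepare"];
const REGISTRY = "https://registry.npmjs.org/";

function reviewProject(pkg, lock) {
  const findings = [];
  // 1. Lifecycle scripts in the project's own package.json run during `npm install`.
  for (const name of LIFECYCLE) {
    if (pkg.scripts && pkg.scripts[name]) {
      findings.push({ where: "package.json", issue: `script:${name}`, detail: pkg.scripts[name] });
    }
  }
  // 2. Lockfile v2/v3 lists every installed package under "packages".
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // root project entry
    if (meta.hasInstallScript) {
      findings.push({ where: path, issue: "install-script", detail: meta.version || "" });
    }
    if (meta.resolved && !meta.resolved.startsWith(REGISTRY)) {
      findings.push({ where: path, issue: "non-registry-source", detail: meta.resolved });
    }
    if (meta.resolved && !meta.integrity) {
      findings.push({ where: path, issue: "missing-integrity", detail: meta.resolved });
    }
  }
  return findings;
}

// Constructed sample input standing in for the files of a cloned repository.
const samplePkg = { name: "demo-collab-project", scripts: { test: "node test.js", postinstall: "node setup.js" } };
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-collab-project" },
    "node_modules/left-helper": { version: "1.0.0", resolved: "https://registry.npmjs.org/left-helper/-/left-helper-1.0.0.tgz", integrity: "sha512-CONSTRUCTED" },
    "node_modules/fast-util-x": { version: "0.0.3", resolved: "https://registry.npmjs.org/fast-util-x/-/fast-util-x-0.0.3.tgz", integrity: "sha512-CONSTRUCTED", hasInstallScript: true },
    "node_modules/cfg-loader-x": { version: "2.1.0", resolved: "git+ssh://git@example.invalid/acct/cfg-loader-x.git#abc123" },
  },
};

for (const f of reviewProject(samplePkg, sampleLock)) console.log(`${f.where}: ${f.issue} ${f.detail}`);
```

A finding is a prompt to read the script or package before installing, not proof of malice; installing with `npm install --ignore-scripts` keeps lifecycle scripts from running while the review is done.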
Threats are everywhere!
The situation is even more alarming when some hackers are supported by governments. Whatever happens, there are always solutions to protect yourself and stay safe from malicious attacks. At Appwapp, we develop secure sites and applications. Proven protocols are deployed to withstand attacks! Join us now!