Japanese cybersecurity officials issued a warning that North Korea's infamous Lazarus Group recently launched a supply chain attack on PyPI, the software repository for Python packages.
Comebacker is a general-purpose Trojan that can be used to deliver ransomware, steal passwords, and infiltrate the development pipeline, according to Dale Gardner, analyst and senior director at Gartner.
The trojan has been used in multiple attacks linked to North Korea, including one against an npm software development repository.
Since PyPI is a centralised service with a global reach, developers worldwide should be aware of the most recent Lazarus Group campaign.
Several experts believe non-native English speakers may be more vulnerable to the Lazarus Group's most recent attack.
Small and startup software businesses in Asia often have lower security budgets than their Western counterparts, according to Macosko.
Developers should use extra caution and care while downloading open source dependencies.
Given the amount of open source used today and the pressures of fast-paced development environments, it's easy for even a well-trained and vigilant developer to make a mistake, Gardner added.
Gardner recommends using software composition analysis tools to evaluate dependencies and detect fakes or legitimate packages that have been compromised.
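The kind of dependency review Gardner describes can begin before any commercial software composition analysis tool is bought. The following Python script is an added example, not code from the article or from Gartner: it parses a constructed requirements.txt, flags versions that are not pinned or carry no `--hash` (so pip would accept a replaced artifact of a legitimate package without complaint), and compares each package name against a small constructed allowlist of well-known packages to surface lookalike names. The allowlist, the sample file and the made-up package names in it ("reqeusts", "pyflask") are assumptions for illustration, not references to real PyPI uploads.

```python
"""Dependency hygiene check: unpinned versions, missing hashes, lookalike names."""
import re
from difflib import SequenceMatcher

# Constructed allowlist; a real deployment would use a curated internal catalogue.
KNOWN_PACKAGES = {"requests", "numpy", "pandas", "flask", "django", "cryptography"}

# Constructed sample requirements file. "reqeusts" and "pyflask" are made-up names
# chosen to resemble real packages; they are not actual PyPI package references.
SAMPLE_REQUIREMENTS = """\
# web client, pinned and hash-locked (hash value is a constructed placeholder)
requests==2.31.0 --hash=sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
numpy>=1.26
reqeusts==2.31.0
pyflask==0.1.0
"""


def normalize(name):
    """PEP 503 normalisation so Requests, requests and REQUESTS compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


KNOWN_NORMALIZED = {normalize(k) for k in KNOWN_PACKAGES}


def parse_requirements(text):
    """Parse the common `name==version --hash=algo:hex` line form of requirements.txt."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        tokens = line.split()
        m = re.match(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(.*)$", tokens[0])
        name, spec = m.group(1), m.group(2)
        hashes = [t.split("=", 1)[1] for t in tokens[1:] if t.startswith("--hash=")]
        entries.append({"name": normalize(name), "spec": spec, "hashes": hashes})
    return entries


def closest_known(name, known=KNOWN_PACKAGES, threshold=0.8):
    """Return (allowlisted_name, similarity) if `name` nearly matches one, else None.

    A near miss against a popular name is the typical shape of a fake package
    that relies on a misspelling or a plausible-sounding prefix.
    """
    best = max(known, key=lambda k: SequenceMatcher(None, name, k).ratio())
    ratio = SequenceMatcher(None, name, best).ratio()
    return (best, ratio) if ratio >= threshold else None


def audit(text):
    """Return a list of (package, issue) findings for a requirements file."""
    findings = []
    for entry in parse_requirements(text):
        name = entry["name"]
        if name not in KNOWN_NORMALIZED:
            near = closest_known(name)
            if near:
                findings.append((name, f"lookalike of allowlisted package '{near[0]}' "
                                       f"(similarity {near[1]:.2f})"))
            else:
                findings.append((name, "not in allowlist"))
        if not entry["spec"].startswith("=="):
            findings.append((name, "version not pinned with =="))
        if not entry["hashes"]:
            findings.append((name, "no --hash; pip cannot verify the downloaded artifact"))
    return findings


if __name__ == "__main__":
    for package, issue in audit(SAMPLE_REQUIREMENTS):
        print(f"{package}: {issue}")
```

Running it against the constructed file reports nothing for `requests` (pinned, hash-locked, allowlisted), two findings for `numpy` (range specifier, no hash), and lookalike warnings for the two made-up names. The `--hash` check matters for the second case the article mentions, a legitimate package that has been compromised: with `pip install --require-hashes`, a replaced artifact fails installation instead of running.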
This Cyber News was published on www.cysecurity.news. Publication date: Tue, 12 Mar 2024 16:13:06 +0000