The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked to a sophisticated campaign targeting software developers. This campaign involves the use of infostealer malware, designed to steal sensitive information from developers’ systems. The attack leverages social engineering tactics, including fake job interviews and compromised NPM packages, to deceive developers into executing malicious scripts. Lazarus Group uses social engineering tactics like the “ClickFix” method, where users are tricked into executing malicious scripts by clicking on seemingly legitimate buttons. Another tactic involves fake recruiter profiles on platforms like LinkedIn and GitHub, inviting developers to participate in online interviews. During these interviews, candidates are asked to execute malicious code, leading to the installation of malware. The malware campaign involves a multi-stage modular approach, using techniques such as Base64 encoding and zlib compression to obfuscate the malicious code. The script reverses the input string, decodes it using Base64, decompresses the result with zlib, and then executes the reconstructed Python code using the exec() function. The use of sophisticated social engineering tactics and obfuscated malware shows the need for strict vigilance and robust cybersecurity measures.

Tushar is a cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in cyber security, he is covering Cyber Security News, technology and other news.
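For analysts, the reverse, Base64, zlib layering that the article describes can be peeled statically, without ever calling exec(). The following is an added example, not code from the article or from the campaign; the function names, the size and depth limits, and the inert sample input are assumptions constructed here.

```python
import base64
import binascii
import re
import zlib
from typing import Optional, Tuple

MAX_OUT = 5 * 1024 * 1024  # assumed cap on inflated bytes per layer
MAX_LAYERS = 100           # assumed cap on nesting depth
# A quoted run of Base64-alphabet characters inside a stage.
BLOB_RE = re.compile(rb"""['"]([A-Za-z0-9+/=]{16,})['"]""")


def peel_once(blob: bytes) -> Optional[bytes]:
    """Reverse, Base64-decode and inflate one layer; None if it is not one."""
    try:
        raw = base64.b64decode(blob[::-1], validate=True)
        inflater = zlib.decompressobj()
        out = inflater.decompress(raw, MAX_OUT)
    except (binascii.Error, zlib.error):
        return None
    # eof is False for truncated streams and for output beyond MAX_OUT.
    return out if inflater.eof else None


def unwrap(stage: bytes) -> Tuple[bytes, int]:
    """Peel layers statically (never exec); return (innermost text, layer count)."""
    layers = 0
    while layers < MAX_LAYERS:
        blobs = BLOB_RE.findall(stage)
        inner = peel_once(max(blobs, key=len)) if blobs else None
        if inner is None:
            break
        stage, layers = inner, layers + 1
    return stage, layers


def make_sample(text: bytes, depth: int) -> bytes:
    """Constructed, inert test input: a blob assignment only, no exec stub."""
    for _ in range(depth):
        text = b"blob = '" + base64.b64encode(zlib.compress(text))[::-1] + b"'"
    return text


if __name__ == "__main__":
    sample = make_sample(b"print('constructed final stage')", 3)
    final, count = unwrap(sample)
    print(f"{count} layers peeled; innermost stage:\n{final.decode()}")
```

The per-layer output cap makes `peel_once` refuse a blob that inflates past the limit, so a decompression bomb embedded in a sample does not exhaust the analysis host.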
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 14 Feb 2025 19:10:16 +0000