Microsoft accused the hacker group Lazarus, which is believed to be supported by the North Korean government, of conducting a series of attacks using modified open source software such as PuTTY, KiTTY, NightVNC, Sumatra PDF Reader and others.
According to available data, the perpetrators integrate the harmful code into open software, then encourage victims to use such modified disposals, leading to compromise systems. In order to gain the trust of victims hackers, hackers impersonate recruiters from different companies and communicate with target organizations through LinkedIn.
Once a trust relationship has been established in a series of interviews, communication is transferred to the Messenger WhatsApp. Through it hackers distribute modified utilities and convince target company employees to use them. Once such software is launched on the target computer, the system becomes compromised and another harmful software is loaded into it.
," says Microsoft Security Threat Intelligence and Linked In Threat Prevention and Defense.