https://www.facebook.com/itzonepakistan
×

Archives

  • July 2025
  • June 2025
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2021
  • February 2021
  • December 2020
  • November 2020
  • April 2019

Categories

  • Business
  • DMS
  • Networking
  • Technology
  • Tips
  • Uncategorized

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

HOW TO SHOP

1 Login or create new account.
2 Review your order.
3 Payment & FREE shipment

If you still have problems, please let us know, by sending an email to support@website.com . Thank you!

SHOWROOM HOURS

Mon-Fri 9:00AM - 6:00AM
Sat - 9:00AM-5:00PM
Sundays by appointment only!
social sharing

SIGN IN YOUR ACCOUNT TO HAVE ACCESS TO DIFFERENT FEATURES

FORGOT YOUR PASSWORD?

FORGOT YOUR DETAILS?

AAH, WAIT, I REMEMBER NOW!
QUESTIONS? CALL: 03144 166 777
  • LOGIN
  • SUPPORT

IT Zone Pakistan

IT Zone Pakistan

IT ZONE PAKISTAN – Secure Document Scanning, DMS Retrieval, Shredding Services & IT Recycling

T (31) 44 166 777
Email: sales@itzonepakistan.com

IT Zone Pakistan
II Chundriger Road Uni Plaza Karachi-Pakistan

Open in Google Maps
  • Home – IT Zone
  • About Us
  • Our Services
    • Office Paper Shredding Service – Free of Charge!
    • Document Scanning Services
    • Document Management Software
    • Office Computer Scrap Buying
  • Shop
  • BLOG & STORIES
    • EVENTS
  • Contact Us
  • MY CART
    No products in cart.
FREEQUOTE
  • Home
  • BLOG & STORIES
  • Uncategorized
  • North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks – The Hacker News
July 27, 2025

North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks – The Hacker News

North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks – The Hacker News

by admin / Wednesday, 12 October 2022 / Published in Uncategorized

A “highly operational, destructive, and sophisticated nation-state activity group” with ties to North Korea has been weaponizing open source software in their social engineering campaigns aimed at companies around the world since June 2022.
Microsoft’s threat intelligence teams, alongside LinkedIn Threat Prevention and Defense, attributed the intrusions with high confidence to Zinc, a threat group affiliated with Lazarus which is also tracked under the name Labyrinth Chollima.
Attacks targeted employees in organizations across multiple industries, including media, defense and aerospace, and IT services in the U.S., the U.K., India, and Russia.
The tech giant said it observed Zinc leveraging a “wide range of open-source software including PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software installer for these attacks.”
According to CrowdStrike, Zinc “has been active since 2009 in operations aimed at collecting political, military, and economic intelligence on North Korea’s foreign adversaries and conducting currency generation campaigns.”
The latest findings dovetail with a recent report from Google-owned Mandiant, which uncovered the adversary’s use of PuTTY via fraudulent job lures shared with potential targets on LinkedIn as part of a campaign dubbed Operation Dream Job.
This involves establishing initial connections with individuals by posing as recruitment professionals as a trust-building exercise, before moving the conversation to WhatsApp, where a tailored lure document or seemingly benign software is shared, effectively activating the infection sequence.
A successful compromise is followed by the threat actor moving laterally across the network and exfiltrating collected information of interest by deploying a backdoor called ZetaNile (aka BLINDINGCAN OR AIRDRY).
But in a bid to evade security defenses and avoid raising red flags, the implant is downloaded only when the victim uses the SSH clients to connect to a specific IP address through the credentials specified in a separate text file.
Likewise, attacks employing the trojanized version of TightVNC Viewer are configured to install the backdoor only when the user selects a particular remote host from the options provided.
“Zinc attacks appear to be motivated by traditional cyberespionage, theft of personal and corporate data, financial gain, and corporate network destruction,” the company said.
“Zinc attacks bear many hallmarks of state-sponsored activities, such as heightened operational security, sophisticated malware that evolves over time, and politically motivated targeting.”
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.

source

  • Tweet

About admin

What you can read next

Cloud Computing in Pharmaceutical Market Projected to Show … – Digital Journal
IDF pilots exposed classified information, including preparations for striking Iran – Haaretz
How to take and submit a photo to a Google Classroom – Android Police

Recent Posts

  • uniFLOW 2021 LTS – Combining The Power of the Cloud with the Flexibility of On-Premise – Industry Analysts, Inc.

    source...
  • Video: How to scan to a PDF file with free software – Foxit Reader – experts-exchange.com

    source...
  • Europe Document Management Services Market Size [2028] – Fortune Business Insights

    source...
  • You don’t need to own a printer. Do this instead. – washingtonpost.com

    source...
  • Brother ADS-1700W Review – PCMag Australia

    source...

Recent Comments

    Featured Posts

    • uniFLOW 2021 LTS – Combining The Power of the Cloud with the Flexibility of On-Premise – Industry Analysts, Inc.

      0 comments
    • Video: How to scan to a PDF file with free software – Foxit Reader – experts-exchange.com

      0 comments
    • Europe Document Management Services Market Size [2028] – Fortune Business Insights

      0 comments
    • You don’t need to own a printer. Do this instead. – washingtonpost.com

      0 comments
    • Brother ADS-1700W Review – PCMag Australia

      0 comments

    Archives

    • July 2025
    • June 2025
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2021
    • February 2021
    • December 2020
    • November 2020
    • April 2019

    Categories

    • Business
    • DMS
    • Networking
    • Technology
    • Tips
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    GET A FREE QUOTE

    Please fill this for and we'll get back to you as soon as possible!

    FACEBOOK

    2,175
    LIKES

    TWITTER

    1,050
    Followers

    PINTEREST

    101
    follower

    FOOTER MENU

    • Terms and Conditions
    • F.A.Q.
    • Our Services
    • BLOG & STORIES

    NEWSLETTER SIGNUP

    By subscribing to our mailing list you will always be update with the latest news from us.

    We never spam!

    GET IN TOUCH

    II Chundriger Road Uni Plaza Karachi-Pakistan
    Email: Info@Itzonepakistan.com
    Phone:
    Direct+92-314-4166-777
    Sales+92-313-8854-133

    Social Platform

    • Tweet
    • Pin It

    RSS ARY NEWS

    • Why Is Lady Diana’s childhood home passing to her nephew, not William or Harry? July 27, 2025
    • GET SOCIAL
    IT Zone Pakistan

    Copyright @2024-25. All rights reserved | Design & Develop IT Zone Pakistan.

    TOP