Summary: The Lazarus Group, a North Korean threat actor, has been using a sophisticated web-based administrative platform to manage its command-and-control (C2) operations, which are central to its cyber campaigns targeting the cryptocurrency sector. The group has executed operations such as the Operation Phantom Circuit supply chain attack, which affected over 233 victims globally through deceptive means, including job offers on LinkedIn. This infrastructure uses obfuscated backdoors embedded in legitimate software to facilitate data exfiltration and victim control.
Affected
Source: https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html