Lazarus Group’s Latest Heist Hits Hundreds of Victims Globally

Summary: North Korea’s Lazarus Group executed a large-scale supply chain attack, dubbed Phantom Circuit, targeting the cryptocurrency industry by embedding backdoors in cloned legitimate software. Security researchers noted the attack compromised over 1,200 victims globally, stealing credentials and sensitive data. The operation reveals a shift in tactics for the group, focusing on evading detection while maintaining long-term access to compromised systems.

Affected: Cryptocurrency industry, software developers, affected organizations globally

Key points:

  • Operation Phantom Circuit utilized backdoored clones of legitimate software to target users in the cryptocurrency sector.
  • Over 1,225 victims were identified, with a significant number of attacks concentrated in Europe and India.
  • Lazarus Group employed advanced tactics, including obfuscation and layered infrastructure to conceal their activities and facilitate data exfiltration.

Source: https://www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/