软餐获悉,微软威胁情报团队发现,来自朝鲜的黑客组织 Diamond Sleet(更广为人知的名字是 Lazarus)正在分发台湾软件制造商 CyberLink(讯连科技)的合法应用程序的恶意篡改版本。微软在 100 多台设备上发现了该恶意安装程序。Diamond Sleet 黑客组织通过添加恶意 Lambload 可执行文件来修改官方版本。微软没有透露涉及讯连哪款软件,有人指出可能是视频和照片编辑软件 Promeo。目前尚不清楚该恶意软件的目的是什么。Diamond Sleet 黑客组织曾多次从被攻击的设备中窃取敏感数据并破坏 “软件构建环境”。微软已将此事通知讯连科技。
[A North Korean hacking group is spreading tampered versions of software from CyberLink, a Taiwanese technology company] Microsoft’s Threat Intelligence team has discovered that the North Korean hacking group Diamond Sleet (more commonly known as Lazarus) is distributing maliciously altered versions of legitimate applications from Taiwanese software manufacturer CyberLink. Microsoft detected the malicious installation on over 100 devices. The Diamond Sleet hacking group modified the official versions by adding a malicious executable called Lambload. Microsoft has not disclosed which specific CyberLink software is involved, but it is speculated to be the video and photo editing software Promeo. The purpose of this malicious software is currently unclear. The Diamond Sleet hacking group has previously stolen sensitive data and disrupted software build environments from targeted devices. Microsoft has notified CyberLink about the incident.
微信扫一扫