2024-03-07
UN
S/2024/215 Final report of the Panel of Experts
#CyberLink
#JumpCloud
#Andariel
#Kimsuky
#BlueNoroff
#ScarCruft
#Alphapo
#CoinsPaid
#Merlin
#Steadefi
#Fantom
#Terraport
#UnoRe
#HECO
#HTX
#OrbitBridge
#Poloniex
#NexusMutual
#Indodax
#CoinEx
#bZx
#Qubit
#DeFiance
#Bondly
#Fetchai
#MGNR
#EasyFi
#FinNexus
#Eterbase
#KuCoin
#Cryptopia
#AlgoCapital
#CoinTiger
#BiKi
#CoinBene
#Gateio
#Coinrail
#Bancor
#Tradeio
#CoinSecure
#Cypherium
#Taylor
#Sanctions
CyberLink
#CyberLink
- Reported: 2023-11
- Locations: Taiwan
- Motivations: #SupplyChain
- Sectors: #Technology
Summary
Microsoft Threat Intelligence identified a supply chain attack by the North Korean group Diamond Sleet (ZINC) involving a compromised CyberLink application installer. The installer, signed with a valid CyberLink certificate, was modified to include malicious code that downloads a second-stage payload. This attack affected over 100 devices in countries like Japan, Taiwan, Canada, and the U.S. Microsoft has notified CyberLink, alerted affected customers, and taken measures such as adding the compromised certificate to its disallowed list and updating security detections.