Date of report
- July 2023
Affiliations
North Korean threat actor Lazarus Group used spear-phishing lures to distribute GitHub repositories, usually pretending to be media players or cryptocurrency trading tools, which contain malicious code. The attacks share commonalities with another North Korean cyberattack detected in June 2022, TraderTraitor.
Suspected victims
- GitHub users interested in cryptocurrency
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Espionage
Target category
- Private sector