Skip to content

[Intel]: https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/ #655

New issue
New issue
Open
Open
[Intel]: https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/#655
Assignees
timb-machine
Labels
missing:tag:Non-persistentStoragemissing:tag:RedirectionToNullmissing:tag:T1021.002missing:tag:T1027.002missing:tag:T1037missing:tag:T1048missing:tag:T1057missing:tag:T1070.004missing:tag:T1071.001missing:tag:T1491missing:tag:T1567missing:tag:T1573
@timb-machine

Description

@timb-machine
timb-machine
opened on May 7, 2023

Area

Malware reports

Parent threat

Initial Access, Persistence, Privilege Escalation

Finding

https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/

Industry reference

attack:T1566.001:Spearphishing Attachment
attack:T1546.004:Unix Shell Configuration Modification
uses:RedirectionToNull
uses:Go

Malware reference

wltm
OdicLoader
SimplexTea

Actor reference

Lazarus

Component

Linux

Scenario

No response

Metadata

Metadata