Name: CyberLink
Start: 2023-11-22

CyberLink

#CyberLink • 2023-11

🇹🇼 Taiwan

#SupplyChain #Technology

Microsoft Threat Intelligence identified a supply chain attack by the North Korean group Diamond Sleet (ZINC) involving a compromised CyberLink application installer. The installer, signed with a valid CyberLink certificate, was modified to include malicious code that downloads a second-stage payload. This attack affected over 100 devices in countries like Japan, Taiwan, Canada, and the U.S. Microsoft has notified CyberLink, alerted affected customers, and taken measures such as adding the compromised certificate to its disallowed list and updating security detections.

3

Related Reports
1

Affected Countries
31

Months Since

Related Actors

Diamond Sleet

Microsoft

How Microsoft names threat actors

Associated with: Zinc

First seen: 2023-04 • Last seen: 2024-02

Related Reports

2024-03-07

S/2024/215 Final report of the Panel of Experts

#Andariel #Kimsuky #Scarcruft #Sanctions #Bluenoroff #Qubit #Eterbase #KuCoin #Coinrail #Indodax #JumpCloud #bZx #Alphapo #CoinsPaid #CoinEx #Poloniex #CyberLink #HECO #HTX #AlgoCapital #OrbitBridge #Terraport #Merlin #Steadefi #Fantom #UnoRe #NexusMutual #CoinTiger #Bondly #DeFiance #MGNR #Fetchai #EasyFi #FinNexus #Cryptopia #BiKi #CoinBene #Gateio #Bancor #Tradeio #CoinSecure #Taylor #Cypherium

2023-12-29

Checkmarx

JetBrains TeamCity Compromised: North Korea and Russia Target High-Value Supply Chain Links

#DiamondSleet #CVE-2023-42793 #CyberLink

2023-11-22

Microsoft

Diamond Sleet supply chain compromise distributes a modified CyberLink installer

#DiamondSleet #LambLoad #CyberLink

« Back