North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply chain attack, Microsoft reported. The hackers compromised the company’s systems and modified a legitimate application installer. They added malicious code designed to download, decrypt and load a second-stage payload. Microsoft started seeing activity related to this malicious installer on October 20, with the file reaching more than 100 devices in Japan, Taiwan, Canada and the United States.
Read more: https://www.securityweek.com/north-korean-software-supply-chain-attack-hits-north-america-asia/