Targeting of CyberLink customers in supply-chain attack
Lazarus Group compromised Taiwanese software provider CyberLink’s network and embedded malicious code in an update of CyberLink’s Promeo software. The attack appeared aimed at compromising the networks of CyberLink customers, including critical government, financial, and defense systems in countries including the United States, Canada, Japan, and Taiwan.
Suspected victims
  • Users of CyberLink’s Promeo software
Suspected state sponsor
  • Korea (Democratic People's Republic of)
Target category
  • Government
  • Private sector
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response