Researchers at Microsoft Threat Intelligence have revealed details of a supply chain attack by a North Korean-based threat actor using a malicious variant of an application developed by CyberLink Corp., a Taiwanese software company that develops multimedia software products. The threat actor, called Diamond Sleet by Microsoft but far better known in the cybersecurity industry as Lazarus, involves a modified installer for a CyberLink application being used as a conduit for distributing malware.
Source: SiliconANGLE