North Korean hackers are suspected of carrying out a supply chain attack that targeted businesses in South Korea using stolen digital certificates. ESET: Attackers used illegally obtained or stolen code-signing certificates to sign the malware samples used as part of the attack. In at least one case, the stolen certificate appears to have come from the U.S. branch of a South Korean security company. The hackers targeted Wizvera VeraPort security software, which is used by many South Korean government agencies, as well as some banking firms.”]
Source: https://www.cuinfosecurity.com/north-korean-hackers-suspected-supply-chain-attacks-a-15384