Apr 25, 2024NewsroomMalware / Cyber Threat The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, “aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL binary from […]
The exploit allowed Lazarus to enhance its FudModule rootkit, enabling it to evade detection and disable security protections. Additionally, a previously undocumented remote access trojan (RAT) used by Lazarus was discovered.
Feb 29, 2024NewsroomRootkit / Threat Intelligence The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It […]
The stolen funds are believed to be linked to North Korean hacking groups, such as Lazarus, who use cryptocurrency cyberattacks to bypass international sanctions and finance their weapons development program.
The North Korea-linked threat group Lazarus has been attributed to a new global campaign that exploits the infamous Log4j flaw to deploy three previously undocumented DLang-based malware – NineRAT, DLRAT, and BottomLoader. The campaign, dubbed Operation Blacksmith, is believed to have been active since March, targeting organizations in the manufacturing, agriculture, and physical security sectors. […]
Dec 11, 2023NewsroomVulnerability / Espionage The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation […]
Sinbad has processed millions of dollars’ worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists,” reads a Department of Treasury press statement.
Nov 11, 2023NewsroomThreat Intelligence / Cybercrime A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a “shift in the persistent actor’s tactics.” Sapphire Sleet, also called […]
Oct 27, 2023NewsroomCyber Attack / Malware The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and […]
- 1
- 2