Lazarus Group's Latest Tactics: Exploiting Log4j and Deploying RAT Malware
Originally Published 2 years ago — by The Register
The Lazarus Group, a North Korean state-sponsored cyber unit, has been using malware strains written in DLang, a memory-safe programming language, in its recent attacks. Cisco Talos discovered at least three DLang-based malware strains used in attacks on organizations in various industries. The attacks, part of "Operation Blacksmith," targeted organizations with n-day vulnerabilities, including the log4j vulnerability. The malware strains, including NineRAT, BottomLoader, and DLRAT, exhibited similar tactics and techniques. DLang is an uncommon choice for writing malware, but there has been an increasing trend among cybercriminals to use newer memory-safe languages like Rust and DLang.