#OperationBlacksmith

Lazarus hackers drop new RAT malware using 2-year-old Log4j bug

by

December 11, 2023 at 04:29PM Lazarus, the North Korean hacking group, is utilizing CVE-2021-44228 to launch new malware families written in DLang as part of “Operation Blacksmith.” This campaign, targeting various industries, demonstrates the group’s evolving tactics. The new malware includes the remote access trojans NineRAT and DLRAT, as well as the downloader BottomLoader. Lazarus … Read more

Memory-safe languages so hot right now, agrees Lazarus Group as it slings DLang malware

by

December 11, 2023 at 01:13PM Research revealed that Lazarus Group used novel malware strains written in the atypical programming language DLang. The attacks, part of “Operation Blacksmith,” targeted organizations in various industries. This included the use of NineRAT and BottomLoader, with DLang’s usage representing a shift towards newer languages in malware coding, mirroring trends in … Read more