Lazarus Group Uses ManageEngine Exploit to Unlock Path for QuiteRAT

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

The Lazarus Group, a threat actor associated with North Korea, has been detected utilizing a recently patched critical security vulnerability in Zoho ManageEngine ServiceDesk Plus. This vulnerability was exploited to deploy a remote access trojan known as QuiteRAT.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.