Lazarus’s Operation Blacksmith Deploys Novel Dlang RATs

Summary:

The Lazarus Group, a North Korea-linked threat actor, has been identified in a new global campaign called “Operation Blacksmith.” In this campaign, the group opportunistically exploits the security vulnerability CVE-2021-44228 in Log4j to deploy previously undocumented RATs on compromised hosts, namely NineRAT, DLRAT, and BottomLoader, Log4j

Threat Level – Red | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.