Lazarus Strikes with WinorDLL64 Backdoor Discovered in Wslink Malware loader

Threat Level – Red | Vulnerability Report
Download PDF

A newly discovered backdoor named WinorDLL64 seems to be associated with the malware downloader Wslink. This revelation suggests that Lazarus, the notorious North Korea-aligned group, may have employed this tool. WinorDLL64 enables the manipulation of various files, such as exfiltration, and deletion, as well as executing further commands. 

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox