Lazarus’s Operation Blacksmith Deploys Novel Dlang RATs
Lazarus’s Operation Blacksmith Deploys Novel Dlang RATs
Summary:
The Lazarus Group, a North Korea-linked threat actor, has been identified in a new global campaign called “Operation Blacksmith.” In this campaign, the group opportunistically exploits the security vulnerability CVE-2021-44228 in Log4j to deploy previously undocumented RATs on compromised hosts, namely NineRAT, DLRAT, and BottomLoader, Log4j
Threat Level – Red | Attack Report
For a detailed threat advisory, download the pdf file here
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.