"Lazarus Group Is Still Juicing Log4Shell, Using RATs Written in 'D'"

North Korean hackers continue to exploit Log4Shell, recently using that access to launch one of three new Remote Access Trojans (RATs) written in the "D" (dlang) programming language. The group "Andariel," also known as Onyx Sleet and Plutonium, is one of many entities under Lazarus. Andariel specializes in gaining initial access and maintaining persistence for longer-term espionage campaigns in support of the Kim Jong Un regime. Cisco Talos has observed three notable Andariel attacks since March. One was against a South American agriculture organization. The other two were launched against a European manufacturing company and an American subsidiary of a Korean physical security company. This article discusses Andariel's continued exploitation of Log4Shell.

Dark Reading reports "Lazarus Group Is Still Juicing Log4Shell, Using RATs Written in 'D'"

Submitted by grigby1
