"North Korea's Lazarus APT Uses GUI Framework to Build Stealthy RAT"
In recent attacks targeting healthcare organizations and an Internet infrastructure company, the North Korean state-sponsored cyber threat group Lazarus launched a new, highly evasive Remote Access Trojan (RAT) called "QuiteRAT." QuiteRAT is an upgraded variant of another RAT the group used in 2022 called "MagicRAT," which was itself a successor to 2021's "TigerRAT." QuiteRAT can steal information about its host machine and user as well as execute commands, and at four to five megabytes, it barely leaves a trace in a target network. According to researchers, QuiteRAT is built on Qt, a framework for designing Graphical User Interfaces (GUIs). The RAT uses this framework as a disguise to avoid malware detection tools. This article continues to discuss findings regarding QuiteRAT.
Dark Reading reports "North Korea's Lazarus APT Uses GUI Framework to Build Stealthy RAT"