Saturday, March 6, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

North Korean Hackers Spotted Using New Multi-Platform Malware Framework

July 23, 2020
in Internet Privacy
North Korean Hackers Spotted Using New Multi-Platform Malware Framework
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Lazarus Group, the notorious hacking group with ties to the North Korean regime, has unleashed a new multi-platform malware framework with an aim to infiltrate corporate entities around the world, steal customer databases, and distribute ransomware.

Capable of targeting Windows, Linux, and macOS operating systems, the MATA malware framework — so-called because of the authors’ reference to the infrastructure as “MataNet” — comes with a wide range of features designed to carry out a variety of malicious activities on infected machines.

You might also like

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

The MATA campaign is said to have begun as early as April of 2018, with the victimology traced to unnamed companies in software development, e-commerce and internet service provider sectors situated in Poland, Germany, Turkey, Korea, Japan, and India, cybersecurity firm Kaspersky said in its Wednesday analysis.

The report offers a comprehensive look at the MATA framework, while also building on previous evidence gathered by researchers from Netlab 360, Jamf, and Malwarebytes over the past eight months.

Last December, Netlab 360 disclosed a fully functional remote administration Trojan (RAT) called Dacls targeting both Windows and Linux platforms that shared key infrastructure with that operated by the Lazarus Group.

Then in May, Jamf and Malwarebytes uncovered a macOS variant of Dacls RAT that was distributed via a trojanized two-factor authentication (2FA) app.

North Korean Hackers Ransomware Attack

In the latest development, the Windows version of MATA consists of a loader used to load an encrypted next-stage payload — an orchestrator module (“lsass.exe”) capable of loading 15 additional plugins at the same time and executing them in memory.

The plugins themselves are feature-rich, boasting features that allow the malware to manipulate files and system processes, inject DLLs, and create an HTTP proxy server.

MATA plugins also allow hackers to target Linux-based diskless network devices such as routers, firewalls or IoT devices, and macOS systems by masquerading as a 2FA app called TinkaOTP, which is based on an open-source two-factor authentication application named MinaOTP.

Once the plugins were deployed, the hackers then tried to locate the compromised company’s databases and execute several database queries to acquire customer details. It’s not immediately clear if they were successful in their attempts. Furthermore, Kaspersky researchers said MATA was used to distribute VHD ransomware to one anonymous victim.

Kaspersky said it linked MATA to the Lazarus Group based on the unique file name format found in the orchestrator (“c_2910.cls” and “k_3872.cls”), which has been previously seen in several variants of the Manuscrypt malware.

North Korean Hackers Ransomware Attack

The state-sponsored Lazarus Group (also called Hidden Cobra or APT38) has been linked to many major cyber offensives, including the Sony Pictures hack in 2014, the SWIFT banking hack in 2016, and the WannaCry ransomware infection in 2017.

Most recently, the APT added web skimming to their repertoire, targeting the U.S. and European e-commerce websites to plant JavaScript-based payment skimmers.

The hacking crew’s penchant for carrying out financially motivated attacks led the U.S. Treasury to sanction the group and its two off-shoots, Bluenoroff and Andariel, last September.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)

Previous Post

Twitter says hackers accessed DMs for 36 users in last week's hack

Next Post

Asean firms stick to familiar security tools, with growing interest in newer options

Related Posts

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers
Internet Privacy

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

March 6, 2021
Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories
Internet Privacy

Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories

March 6, 2021
Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!
Internet Privacy

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

March 6, 2021
Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount
Internet Privacy

Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

March 5, 2021
CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws
Internet Privacy

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

March 5, 2021
Next Post
Asean firms stick to familiar security tools, with growing interest in newer options

Asean firms stick to familiar security tools, with growing interest in newer options

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Cyberattack shuts down online learning at 15 UK schools
Internet Security

Cyberattack shuts down online learning at 15 UK schools

March 6, 2021
Facebook enhances AI computer vision with SEER
Machine Learning

Facebook enhances AI computer vision with SEER

March 6, 2021
Microsoft Exchange zero-day vulnerabilities exploited in attacks against US local governments
Internet Security

Microsoft Exchange zero-day vulnerabilities exploited in attacks against US local governments

March 6, 2021
Hands-on Guide to Interpret Machine Learning with SHAP –
Machine Learning

Hands-on Guide to Interpret Machine Learning with SHAP –

March 6, 2021
$100 in crypto for a kilo of gold: Scammer pleads guilty to investor fraud
Internet Security

$100 in crypto for a kilo of gold: Scammer pleads guilty to investor fraud

March 6, 2021
Revolution by Artificial Intelligence, Machine Learning and Deep Learning in the healthcare industry
Machine Learning

Revolution by Artificial Intelligence, Machine Learning and Deep Learning in the healthcare industry

March 6, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Cyberattack shuts down online learning at 15 UK schools March 6, 2021
  • Facebook enhances AI computer vision with SEER March 6, 2021
  • Microsoft Exchange zero-day vulnerabilities exploited in attacks against US local governments March 6, 2021
  • Hands-on Guide to Interpret Machine Learning with SHAP – March 6, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates