Source |
The Hacker News |
Identifier |
8312842 |
Publication date |
2023-02-23 17:17:00 (seen: 2023-02-23 13:08:13) |
Title |
Lazarus Group Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data |
Text |
A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal.
The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete files; execute PowerShell commands; and obtain comprehensive information about the underlying machine. |
Notes |
★
|
Sent |
Yes |
Digest |
about aligned associated backdoor been can commands; comprehensive data delete discovered downloader dubbed winordll64 by eset execute exfiltrate featured files; findings fully group implant information korea lazarus likely machine malware named wslink has new north notorious obtain overwrite payload powershell reveal sensitive tool underlying used using winordll64 |
Tags |
Malware
Tool
Medical
|
Stories |
APT 38
|
Move |
|