North Korea’s progressive threat (APT), Lazarus, is working to launch a cyberespionage-based attack on chains to provide its multi-platform MATA framework.
The North Korean state APT is launching a new variant of the BlindingCan RAT to breach a Latvian IT vendor.
The MATA malware framework can run three applications: Windows, Linux and MacOS. MATA has historically been used to steal customer information and distribute ransomware to various industries, but in June, Kaspersky researchers tracked Lazarus using MATA cyber-espionage.
Lazarus used a downloader named Racket that the threat actors signed with a stolen certificate, as part of the infection chain against the Latvian asset-monitoring tool vendor.
Source: Threatpost
For more such updates follow us on Google News ITsecuritywire News