Researchers outline the Lazarus APT offensive toolset

03-Oct-22

Researchers from ESET discovered and analysed a collection of malicious tools used by the Lazarus APT group in attacks around the end of 2021. The attacks began with spear-phishing emails carrying malicious Amazon-themed documents, and they targeted an employee of a Dutch aerospace firm and a Belgian political journalist. The attackers' primary objective was data exfiltration. Lazarus also employed BLINDINGCAN, a full-featured HTTP(S) backdoor. According to ESET, this remote access trojan (RAT) comes with a comprehensive server-side controller whose user-friendly interface allows the operator to control and examine affected computers.