Andariel’s silly mistakes and a new malware family
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. During the same period, Andariel also actively exploited the Log4j vulnerability, as reported by Talos and AhnLab. Their campaign introduced several new malware families, such as YamaBot and MagicRat, as well as updated versions of NukeSped and, of course, DTrack.
While on an unrelated investigation recently, we stumbled upon this campaign and decided to dig a little …