ESET discovers WinorDLL64 backdoor, likely part of the Lazarus arsenal

ESET researchers have discovered the WinorDLL64 backdoor, one of the payloads of the Wslink downloader. The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous APT group Lazarus. Wslink’s payload can exfiltrate, overwrite, and remove files, execute commands, and obtain extensive information about the underlying system. “Wslink, which …

ESET Research: Lazarus attacks aerospace and defense contractors worldwide while misusing LinkedIn and WhatsApp

Over the course of the annual ESET World conference, ESET researchers have been presenting a new investigation into the infamous Lazarus APT Group and their attack on defense contractors around the world between late 2021 and March 2022. Since the beginning of this campaign, according to ESET Telemetry the targets were in Europe (France, …

Prime targets: Governments shouldn’t go it alone on cybersecurity

A year into the pandemic, ESET reveals new research into activities of the LuckyMouse APT group and considers how governments can rise to the cybersecurity challenges of the accelerated shift to digital. Earlier this year, a well-known APT group dubbed LuckyMouse (aka Emissary Panda, APT27) began exploiting several zero-day Microsoft Exchange Server vulnerabilities. Its end goal? …