Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

23 February 2023

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete files; execute PowerShell commands; and obtain comprehensive information about the underlying machine.

Read full article on The Hacker News

Date:

23 February 2023

Categorie(s):

NEWS

Tag(s):

Backdoors, IT, Lazarus Group, News

Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks6 May 2024
eBook: CISSP fundamentals in focus6 May 2024
These top cybersecurity firms are vital defenders against evolving digital threats in 20246 May 2024
Celebrating our 12th Anniversary at RSA conference 20245 May 2024
Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024