More robust attack tools have been leveraged by North Korean state-sponsored threat operation Andariel, a Lazarus Group sub-cluster, as it ramped up intrusions against South Korean companies and organizations across different sectors, according to The Hacker News. Andariel, also known as Silent Chollima and Nice, has utilized supply chain attacks, spear-phishing operations, and other initial infection vectors to facilitate the deployment of various malware, including Gh0st RAT, Andarat, EarlyRAT, and TigerRAT, as well as its MagicRAT and QuiteRAT variants, a report from the AhnLab Security Emergency Response Center revealed.

Source: SC Magazine