The Hacker News - Lazarus Group Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data
A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete files; execute PowerShell commands; and obtain comprehensive information about the underlying machine.
from The Hacker News https://thehackernews.com/2023/02/lazarus-group-using-new-winordll64.html
from The Hacker News https://thehackernews.com/2023/02/lazarus-group-using-new-winordll64.html
Comments
Post a Comment