New malware from North Korea’s Lazarus used against healthcare industry

The North Korean hacking group, Lazarus, is reportedly using a new form of malware to attack healthcare and internet infrastructure in Europe and the U.S. Security researchers at Cisco Talos discovered that the hackers are exploiting a vulnerability in ManageEngine, a software suite utilized by Fortune 100 organizations amongst others. The malware QuiteRAT, used for data gathering, builds on earlier malware MagicRAT, and is complemented by another threat called CollectionRAT. A third Lazarus campaign tracked in a year, this highlights the increasing use of open-source tools to expedite the exploitation process.