HC3: Lazaraus Group malware targets health systems’ ManageEngine vulnerabilities

The Lazarus Group, identified by Cisco Talus as targeting internet and healthcare entities in Europe and the US, has evolved its MagicRAT malware to exploit a vulnerability in ManageEngine products, according to the Health Sector Cybersecurity Coordination Center. The trojan was deployed within days of the vulnerability’s discovery, enabling remote code execution. The group is also using new malware tools like QuiteRAT and CollectionRAT.