Lazarus Operation Blacksmith Attacking Organizations Worldwide

The Lazarus Group, a North Korean state-sponsored hacking group known for cyber espionage and destructive attacks, is reportedly using a new malware called NineRAT to target global companies. Cybersecurity researchers discovered the malware using the “Operation Blacksmith” to exploit Log4Shell (CVE-2021-44228). Some feature of NineRAT includes uninstallation from the system using a BAT file, executing commands, system reconnaissance, and hardcoded session ID, among others.