Lazarus Exploits Log4Shell to Deploy Telegram-Based Malware

siteadmin December 12, 2023

The North Korean hacking group Lazarus Group is exploiting the vulnerability known as Log4Shell to compromise systems in the manufacturing, agriculture, and physical security sectors. This malware campaign, dubbed “Operation Blacksmith”, deploys three new malware families that use the DLang programming language. The activity has been tied to the Lazarus Group subgroup Onyx Sleet, which previously stole 1.2 terabytes of data and extorted about $357,000 in bitcoin from various companies.