Lazarus Group Exploits Log4j Flaw in New Malware Campaign

North Korean hacking group Lazarus continues to evolve its efforts to avoid detection, with its latest campaign exploiting the Log4j critical vulnerability and introducing three new malware versions written in the DLang programming language. The Lazarus collective, run by the advanced persistent threat group Andariel, is known for its initial access, reconnaissance and long-term access for espionage campaigns supporting the North Korean government’s cyber-operations. This allows them to siphon money and information to aid in their weapons development programmes.