Lazarus Group Log4j Attacks Spread New Malware Families

North Korean threat group Lazarus has targeted the Log4j flaw in VMware Horizon servers to deploy malware, steal credentials, and profile infected systems. The malicious activity, observed from March to September, indicates a shift in Lazarus’ tactics as it increases the use of non-traditional technologies for malware development. The malware was used against various organizations and sectors, including a South American agricultural entity, a European manufacturer, and a South Korean security firm’s US subsidiary.