North Korean Lazarus hackers drop new malware developed on Log4j bug

North Korea’s Lazarus hacking group has been linked to remote access trojans (RATs) and a malware downloader that exploit the Log4Shell vulnerability. This new campaign, dubbed Operation Blacksmith, used an uncommon programming language, DLang, likely to avoid detection. The attacks targeted global enterprises with exposed infrastructure and could execute arbitrary code from LDAP servers. Targets have ranged from government to critical infrastructure, with goals including espionage, data theft, and financial gain.