Researchers Uncover New Lazarus Group Malware Details

The Lazarus Group is shifting its tactics, increasingly using open-source tools and frameworks in the early stages of their attacks. They have reused infrastructure that has been identified by the security community, allowing researchers to track these components and identify new malware, CollectionRAT. Other tools include a malicious copy of the PuTTY Plink reverse tunneling tool and a beacon from DeimosC2 framework, showing the group’s evolving techniques.