Security News > 2023 > December > Memory-safe languages so hot right now, agrees Lazarus Group as it slings DLang malware

Research into Lazarus Group's attacks using Log4Shell has revealed novel malware strains written in an atypical programming language.

At least three new DLang-based malware strains have been used in attacks on worldwide organizations spanning the manufacturing, agriculture, and physical security industries, Cisco Talos revealed today.

The attacks form part of what's being called "Operation Blacksmith" and are attributed to a group tracked as Andariel, believed to be a sub-division of the Lazarus Group - North Korea's state-sponsored offensive cyber unit.

The group itself is typically tasked with gaining access to organizations and long-term access for cyber espionage campaigns, but has been known to carry out ransomware attacks.

Finally, DLRAT acts as a downloader for additional malware payloads, gathers session information before returning it to the attackers, and also has RAT capabilities.

The researchers noted that DLang is an uncommon choice for writing malware, but a shift towards newer languages and frameworks is one that's been accelerating over the last few years - in malware coding as in the larger programming world.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/11/lazarus_group_edang/