North Korean hackers target European orgs with updated malware
According to a Kaspersky study reported on 15 November 2022, the North Korean hacking group Lazarus is using a new version of the DTrack backdoor to attack organisations in Europe and Latin America.
DTrack is a modular backdoor with a keystroke logger, screenshot logger, browser history retriever, running process spy, IP address logger, network connection information logger and more.
In addition to spying, it can execute commands to perform file operations, retrieve additional payloads, steal files and data, and run processes on the compromised device. Finally, DTrack hides in an executable that looks like a legitimate program, and the payload passes through several decryption steps before the malware begins to run.
Targeted sectors include government research centres, policy institutes, chemical manufacturers, IT service providers, telecommunication providers, utility providers and education.