Establishing the TigerRAT and TigerDownloader malware families
released on 2021-12-27 @ 12:22:16 PM
Andariel group is a state-sponsored threat actor. It is a subgroup of the Lazarus cybercrime group, considered one of the most sophisticated North Korean threat actors to which threat researchers have attributed many attacks from 2009 to 2021. In September 2021 researchers reported a multistage attack with two unknown pieces of code which they call TigerDownloader and TigerRAT. It has been attributed to Andariel group.