Lazarus Group's infrastructure reuse leads to discovery of new malware
released on 2023-08-24 @ 02:54:47 PM
In the Lazarus Group’s latest campaign, which is detailed in a recent blog, the North Korean state-sponsored actor is exploiting CVE-2022-47966, a ManageEngine ServiceDesk vulnerability to deploy multiple threats. In addition to their “QuiteRAT” malware, which is covered in the blog, it was also discovered Lazarus Group is using a new threat called “CollectionRAT.”