
North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

June 29, 2023

The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in phishing attacks, adding another piece to the group’s wide-ranging toolset.

“Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from the command-and-control (C2) server,” Kaspersky said in a new report.

Also called Silent Chollima and Stonefly, Andariel is associated with North Korea’s Lab 110, a primary hacking unit that also houses APT38 (aka BlueNoroff) and other subordinate elements collectively tracked under the umbrella name Lazarus Group.

Read More on The Hacker News