Lazarus leverages Dacls Trojan to infect Windows and Linux systems

    Date25 Dec 2019
    Posted ByBrittany Day
    Lazarus Remote Access Trojan Dacls Used On Linux And Windows En

    Security experts from Netlab 360 have uncovered a new Remote Access Trojan (RAT) used on Linux and Windows operating systems – currently being used in the wild by exploiting a known code execution vulnerability. Dubbed Dacls, the malware was in use since at least May this year and is attributed to the North Korean advanced persistent threat group Lazarus, also known as Hidden Cobra, Guardians of Peace, or Zinc. Learn more:

    Netlab 360 researchers have found a suspicious .ELF file in at the end of October, and initially thought that it is a part of a malicious unknown botnet. However, a further investigation proved connections to the Lazarus APT:

    Lazarus hacking group is believed to be funded by the North Korean government and is responsible for such high-profile attacks like Sony's Operation Blockbuster in 2014, as well as a global outbreak of WannaCry ransomware infections in 2017. Although the APT is known to be leveraging already established malware like Trickbot or Mimikatz, it is also capable of creating its own RATs, as in the case with Dacls.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"81","type":"x","order":"1","pct":56.25,"resources":[]},{"id":"88","title":"Should be more technical","votes":"21","type":"x","order":"2","pct":14.58,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"42","type":"x","order":"3","pct":29.17,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.