MATA Malware Framework Latest Move for North Korean Hackers


Kaspersky is alerting SOC teams to a new malware framework it has discovered and linked to the notorious North Korean hacking group known as Lazarus.

Dubbed “MATA,” the framework has apparently been in use since around April 2018, mainly to aid in attacks designed to steal customer databases and distribute ransomware.

Since that time it appears to have been deployed in a wide variety of scenarios, targeting e-commerce firms, software developers and ISPs across Poland, Germany, Turkey, Korea, Japan and India.

The framework itself gives its controllers the flexibility to target Windows, Linux and macOS, and consists of several components including loader, orchestrator and plugins.

Kaspersky tied its use to the Lazarus group, which has been engaged for years in cyber-espionage and sabotage and, via its Bluenoroff subgroup, attempts to accrue illicit funds for its Pyongyang masters. The group was pegged for WannaCry, as well as sophisticated attacks on financial institutions including the infamous $81m raid of Bangladesh Bank.

Kaspersky senior researcher, Seongsu Park, argued that the latest attacks linked to Lazarus show it is willing to invest serious resources to develop new malware toolsets in the hunt for money and data.

“Furthermore, writing malware for Linux and macOS systems often indicates that the attacker feels that he has more than enough tools for the Windows platform, which the overwhelming majority of devices are run on. This approach is typically found among mature APT groups,” he added.

“We expect the MATA framework to be developed even further and advise organizations to pay more attention to the security of their data, as it remains one of the key and most valuable resources that could be affected.”

The security vendor urged SOC teams to access the latest threat intelligence feeds, install dedicated security on all Windows, macOS and Linux endpoints, and to back up regularly.


