Andariel Hackers Target South Korean Institutes with New Dora RAT Malware | Cybersecurity

Jun 03, 2024. Newsroom Malware / Cyber Attack.

The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea.

“Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks,” the AhnLab Security Intelligence Center (ASEC) said in a report published last week. “The threat actor probably used these malware strains to control and steal data from the infected systems.”

The attacks are characterized by the use of a vulnerable Apache Tomcat server to distribute the malware, the South Korean cybersecurity firm added, noting the system in question ran the 2013 version of Apache Tomcat, making it susceptible to several vulnerabilities.

Andariel, also known by the name Nicket Hyatt, Onyx Sleet, and Silent Chollima, is an advanced persistent threat (APT) group that operates on behalf of…


Advertisement Gaming:   Xbox  |  Xbox Bundles  |  Nintendo  |  Playstation  |  Cards   | 
FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.
Ad Amazon Minecraft the game, plus clothing, toys, and accessories.
Ad Amazon Gaming Laptops, clothing, games and more
Ad Amazon MUSIC Artists Merch Shop

Related Posts