Lucene search
K

5 matches found

hivepro
hivepro
added 2023/02/24 10:49 a.m.44 views

Lazarus Strikes with WinorDLL64 Backdoor Discovered in Wslink Malware loader

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A newly discovered backdoor named WinorDLL64 seems to be associated with the malware downloader Wslink. This revelation suggests that Lazarus, the notorious North Korea-aligned group, may have employed...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/23 11:47 a.m.45 views

Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/23 11:47 a.m.4 views

Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/29 10:7 a.m.16 views

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation

Cybersecurity researchers have shed more light on a malicious loader that runs as a server and executes received modules in memory, laying bare the structure of an "advanced multi-layered virtual machine" used by the malware to fly under the radar. Wslink, as the malicious loader is called, was...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/10/28 7:59 a.m.14 views

New Wslink Malware Loader Runs as a Server and Executes Modules in Memory

Cybersecurity researchers on Wednesday took the wraps off a "simple yet remarkable" malware loader for malicious Windows binaries targeting Central Europe, North America and the Middle East. Codenamed "Wslink" by ESET, this previously undocumented malware stands apart from the rest in that it run...

1.5AI score
Exploits0
Rows per page
Query Builder