North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor
Security Affairs
FEBRUARY 25, 2021
Attackers employed a custom tunneling tool to achieve this: it forwards client traffic to the server, and the malware encrypts the traffic using trivial binary encryption. ThreatNeedle attempts to exfiltrate sensitive data from the infected networks through SSH tunnels to a remote server located in South Korea.