MATA Malware Framework

Posted: July 22, 2020

Cybersecurity experts have been tracking several payloads since they were first detected in April 2018. By analyzing the victims' profiles, the network infrastructure behind the projects, and similarities with past malware campaigns, researchers have determined that the collection of implants may be used by the North Korean hackers known as Lazarus. The group appears to be using a new malware framework that has a modular structure and contains a large number of payloads serving various purposes, such as sending commands to active implants, loading additional malware, transferring files, and more. Last but not least, the newly identified MATA Malware Framework supports malware compatible with all popular operating systems – Linux, macOS and Windows.

The Lazarus Group Strikes Victims with the MATA Malware Framework

During its active periods, the MATA Malware Framework has been involved in attacks against companies operating in different sectors – automotive, software development, online stores, Internet Service Providers and more. Another property of the MATA Malware Framework campaign is its geographic spread: it has targeted organizations in Japan, India, Turkey, Germany, Poland, Korea and others.

One of the reasons why the MATA Malware Framework is considered a major threat is that its modules are compatible with different operating systems (OS). Usually, cybercriminals focus on Windows systems since this is the most widely used OS. However, Advanced Persistent Threat (APT) groups often have more than enough Windows implants in their arsenal, and they opt to expand their operations by going after other operating systems. This seems to be the case with the MATA Malware Framework and the Lazarus hackers behind it.

Thanks to the plugins that the MATA Malware Framework supports, the attackers can orchestrate every stage of the attack carefully. Apart from allowing them to achieve maximum efficiency, the MATA Malware Framework can also help with exfiltrating data and cleaning up their traces.

The MATA Malware Framework's cross-platform compatibility and worldwide reach are a major security concern, and companies should take the necessary measures to protect their networks by utilizing reliable firewall and anti-virus services.
