Multifaceted MATA Malware Framework Linked to North Korea

Lavern Vogel


“Used to aggressively infiltrate corporate entities all around the world”

Russian security firm Kaspersky says it has found a new multi-platform malware framework featuring a large array of loaders, orchestrators and plugins that can target the Windows, Linux and macOS operating systems.

Dubbing it “MATA”, Kaspersky linked it (arguably somewhat tenuously) to the North Korean Lazarus APT. (MATA “uses two special filenames, c_2910.cls and k_3872.cls” mentioned in the US-CERT publication on North Korean threat actors).

Worryingly, Kaspersky said the Linux version (“containing distinct MATA documents together with a set of hacking tools”) was found on a legitimate distribution site.

Kaspersky did not name the site or the distro. (Laptop Business enterprise Overview has contacted the company for more details and will update when we get them).

The package included a Linux tool for listing folders, scripts for exploiting Atlassian Confluence Server (CVE-2019-3396), a
