New Malware of Lazarus Threat Actor Group Exploiting INITECH Process

From asec.ahnlab.com

The AhnLab ASEC analysis team has discovered that 47 companies and institutions, including defense companies, were infected with malware distributed by the Lazarus group in the first quarter of 2022. Considering the severity of the situation, the team has been monitoring the infection cases.

On the infected organizations' systems, the malicious behavior was found to stem from inisafecrosswebexsvc.exe, a process belonging to the security company INITECH.

The team initially obtained the following information about inisafecrosswebexsvc.exe from the infected systems.
