Experts have warned that hackers are targeting Linux, Windows, and macOS operating systems with a sophisticated malware framework, called MATA. Researchers believe this framework has been used since 2018 by a well-known threat actor from North Korea, named Lazarus.
A report by Kaspersky Internet Security stated that these advanced tools are designed to be deployed in a way that attackers can leverage them for a long time to come. The report advised that “Malicious toolsets used to target multiple platforms are a rare breed, as they require significant investment from the developer.”
In the cyber attack series found by Kaspersky, it was discovered that the MATA framework can target three platforms (macOS, Linux, and Windows). The framework is comprised of several components including a loader, plugins, and orchestrator (which coordinates and directs the process one a device is infected).
“The actor behind this advanced malware framework has taken an aggressive approach to infiltrate corporate entities around the world. It was utilized for a number of attacks aimed at stealing customer databases and distributing ransomware – software designed to block access to a computer system until a sum of money is paid,” Kaspersky said.
Citizens in Japan, India, Korea, Turkey, Germany, and Poland have been targeted as well as an eCommerce, software development, and search provider business. The report warned that the Lazarous group is “known for its sophisticated operations and links to North Korea, and for cyber-espionage and financially-motivated attacks,”
Seongsu Park, a senior security researcher said “This series of attacks indicates that Lazarus was willing to invest significant resources into developing this toolset and widening the reach of organizations targeted – particularly in hunting for both money and data. Furthermore, writing malware for Linux and macOS systems often indicates that the attacker feels that he has more than enough tools for the Windows platform, which the overwhelming majority of devices are run on. This approach is typically found among mature APT groups,” and “We expect the MATA framework to be developed even further and advise organizations to pay more attention to the security of their data, as it remains one of the key and most valuable resources that could be affected.”
New dangerous threats are frequently being detected and are improving in sophistication. In today’s world, it is vital that businesses are proactive and have the best cybersecurity measures in place to safeguard from attack. Cyber attacks not only damage data but can derail the entire functionality of an organization and severely damage your organization’s reputation.
For many small and medium-size businesses, the best way to keep up with the latest cyber security protection is to partner with a Managed Service Provider, like MBC. Our team of cyber security experts and cutting-edge tools to ensure your devices and networks are safe and that you have the proper protocols in place to promote a secure environment throughout your organization.
To learn more about how MBC can support your business with the latest cyber security protection, schedule a free assessment today.