The security firm Kaspersky has released details of a 2022 incident involving the Maui ransomware, in which Andariel, a North Korean-speaking cyber-attack group, deployed a variant of the well-known DTrack malware.
ADVERSARY: Andariel
MALWARE FAMILIES: DTrack, Maui
ATT&CK IDS: T1471 - Data Encrypted for Impact, T1059.001 - PowerShell, T1059 - Command and Scripting Interpreter, T1592 - Gather Victim Host Information, T1041 - Exfiltration Over C2 Channel, T1203 - Exploitation for Client Execution