MATA Malware Framework

There is a North Korean hacking group known as Lazarus that appears to be making headlines once again. This hacking group also is referred to as APT38 (Advanced Persistent Threat). Back in April 2018, malware analysts spotted several different payloads, which they have been tracking ever since. According to the experts' research, the hackers have expanded their operations by crafting a brand-new malware framework to assist them with their attacks. It features a modular structure, which means that they can use custom-developed plugins to manipulate its functionality on-the-fly and ensure that they will use the right malware implants for the task at hand. Furthermore, the newly identified Lazarus framework appears to support all the popular operating systems – Windows, Linux and macOS. The name of this new framework is the MATA Malware Framework.

So far, the MATA Malware Framework appears to have been involved in several hacking campaigns that have targeted organizations operating in various sectors – software development companies, ISPs (Internet Service Providers), online retail stores, automotive corporations, etc. The MATA Malware Framework campaign is not limited to one region only. Instead, this framework appears to have claimed victims located in Germany, Turkey, Poland, India, Korea and Japan.

The main reason why cybersecurity researchers consider the MATA Malware Framework to be a very potent threat is that it is compatible with such a wide array of operating systems. Since Windows is the most popular OS by far, most cybercriminals concentrate their efforts into creating threats and infrastructure compatible with it, while Linux and macOS often remain ignored. However, the Lazarus APT has made sure that the MATA Malware Framework would be able to target systems running Windows, Linux and macOS.

Having in mind that the MATA Malware Framework has a modular structure, the attackers can modify it to fit the specific task they are trying to complete easily. This can be achieved thanks to various plugins that are designed to serve a variety of different purposes. The MATA Malware Framework also can wipe the traces of its unsafe activity, which goes a long way in keeping the campaign as stealthy as possible.

Malware analysts have determined that the MATA Malware Framework is a very serious threat that can go after almost any target that the Lazarus hacking group wishes to breach. Make sure your computer is protected by a reputable, modern anti-virus solution.