Cybersecurity Experts Warn of New Malware Threat
Cybersecurity experts at ESET have issued a warning about a new malware called “LightlessCan” developed by the Lazarus Group. This malware is more difficult to detect than previous versions, making it a significant threat to businesses.
New Malware Deployed in Employment Scams
The primary method of deploying LightlessCan is through employment scams. The hackers lure victims into installing a malicious payload disguised as a job task or document related to the company. Once the payload is installed, the hackers gain access to the victim’s network.
Lazarus Group’s Connection to Crypto Hacks
The Lazarus Group has been linked to several high-profile crypto hacks, including the theft of millions of dollars from sports betting platform Stake.com. The group has also targeted traditional companies like AstraZeneca and Sony, and has been connected to the WannaCry ransomware attack.
How LightlessCan Works
LightlessCan uses a remote access Trojan (RAT) to deliver payloads to the victim’s network. This RAT is more sophisticated than previous versions and mimics native Windows commands, which makes the attacker’s activities difficult to detect and analyze. It also uses guardrails to protect the payload during execution, preventing unauthorized decryption by security researchers.
Additionally, LightlessCan uses multiple encryption algorithms during its campaigns, including AES-128 and RC6 with a 256-bit key. In the final stages of deployment, droppers and loaders with the payload embedded in them are placed on the victim’s systems.
Case Study: Lazarus Group Hack on Spanish Aerospace Company
ESET uncovered a hack by the Lazarus Group on a Spanish aerospace company using the LightlessCan malware. The hackers gained access to the company’s networks by posing as recruiters on LinkedIn and sending coding tasks as part of the hiring process. Once the victim completed these tasks, the hackers had full access to their systems.
Renewed Awareness to Achieve Digital Safety
ESET’s security team emphasizes the importance of renewed awareness and vigilance to prevent these types of scams and attacks. By staying informed and cautious, individuals and businesses can significantly reduce their risk of falling victim to cyber threats.
Hot Take: The Growing Threat of LightlessCan Malware
As cybercriminals continue to develop more sophisticated malware like LightlessCan, it is crucial for individuals and organizations to prioritize cybersecurity measures. This new malware variant poses significant challenges in detection and analysis, making it even more dangerous. By staying informed about the latest threats and implementing robust security protocols, you can protect yourself and your business from potential cyber attacks.