Analysis of Lazarus Group’s Attack on Windows Web Servers
AhnLab SEcurity intelligence Center (ASEC) has identified attack cases of the Lazarus group breaching a normal server and using it as a C2. Attacks that install a web shell and C2 script on South Korean web servers continue to occur. Additionally, there are cases where LazarLoader malware and privilege escalation
