Analysis of APT attack cases targeting domestic companies using Dora RAT Andariel Group
AhnLab Security Intelligence Center (ASEC) recently confirmed that the Andariel group carried out APT attacks on domestic companies and institutions. The targeted organizations included manufacturing companies construction firms and educational institutions.The attackers employed backdoors keyloggers infostealers and proxy tools to control the infected systems and steal data. In this attack malicious codes previously associated with the Andariel group were identified such as Nestdoor a backdoor malware. Additionally web shells were detected. Although not identical the proxy tool used in past Lazarus group attacks was also employed in this incident.