RAT

Windows

Dacls

Dacls is a remote access trojan (RAT) attributed to the Lazarus Group, targeting Windows, Linux, and macOS systems. This modular malware enables attackers to perform a wide range of actions, including process manipulation, file operations, and DLL injection. Dacls is also capable of encrypting its command-and-control (C2) communications, making detection and analysis more challenging. Its deployment has been linked to high-profile cyber espionage and ransomware operations.

Known Variants

MATA Framework: Also referred to as MATA, this framework encompasses Dacls' multi-platform malware functionalities.

Mitigation Strategies

Keep systems and software updated to address known vulnerabilities.

Deploy robust endpoint protection to block malware activities.

Train users on identifying phishing schemes and avoiding untrusted downloads.

Monitor for unusual network traffic indicative of C2 communications.

Targeted Industries or Sectors

Financial Institutions: Targets include banks and other entities involved in monetary transactions.

Government Agencies: Deployed in espionage campaigns against state organizations.

Critical Infrastructure: Focused attacks on energy and telecommunications sectors have been reported.

Associated Threat Actors

Lazarus Group: A highly sophisticated cybercriminal group linked to Dacls.
