InvisibleFerret: Everything About Lazarus APT’s New Backdoor - Cybersecurity Insiders

Lazarus Group, a North Korean cyber threat actor, is using fake job interviews to deliver malware, including InvisibleFerret, a Python-based backdoor. InvisibleFerret steals sensitive information, including source code, credentials, and cryptocurrency wallets, using reconnaissance, data exfiltration, and persistence techniques. ANY.RUN’s sandbox can be used to analyze InvisibleFerret and identify its tactics, techniques, and procedures (TTPs), helping businesses strengthen their defenses against similar threats.