Mastodawn

Manuel Bissey Sep 3, 2025

Lazarus Group expands its arsenal with PondRAT, ThemeForestRAT & RemotePE—targeting DeFi via social engineering and stealthy RATs. Sophistication is rising. 🧬🎯 #LazarusOps #AdvancedThreats

https://thehackernews.com/2025/09/lazarus-group-expands-malware-arsenal.html

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

Lazarus Group used PondRAT, ThemeForestRAT, and RemotePE in a 2024 DeFi attack, likely via Chrome zero-day.

The Hacker News