20 Jun 2018

US identifies malware cyber threat from North Korea

A new report from the US Department of Homeland Security has revealed that is has identified malicious cyber activity by the North Korean government.

The Malware Analysis Report (MAR) follows President Donald Trump and North Korean dictator Kim Jong Un’s historic meeting in Singapore last week.

The Department of Homeland Security’s MAR put together in collaboration with the FBI and other government partners warns US businesses about a Trojan malware virus used by the North Korean government.

The report states: ‘The Department of Homeland Security and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as TYPEFRAME—used by the North Korean government,’ with the US government referring to malicious cyber activity by the North Korean government as ‘HIDDEN COBRA’.

The MAR included analysis of 11 malware samples consisting of 32-bit and 64-bit Windows executable files and a malicious Microsoft Word document that contains Visual Basic for Applications (VBA) macros. These files are able to download and install malware, install proxy and Remote Access Trojans (RATs), connect to command and control servers to receive additional instructions, and modify the victim’s firewall to allow incoming connections.

The US has previously accused North Korean hackers of staging cyber attacks on international businesses and infecting computer systems across the world.

If you would like to join our community and read more articles like this then please click here.

The post US identifies malware cyber threat from North Korea appeared first on Defence Online.