North Korean hackers

Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers.

Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malware variants are capable of remote reconnaissance and exfiltration of sensitive information from target systems, according to a joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD).

The three new malware strains are the latest addition to a long list of over 20 malware samples, including BISTROMATH, SLICKSHOES, HOPLIGHT, and ELECTRICFISH, among others, that have been identified by the security agencies as originating as part of a series of malicious cyber activity by the North Korean government it calls Hidden Cobra, or widely known by the moniker Lazarus Group.

Full-Featured Trojans

COPPERHEDGE, the first of the three new variants, is a full-featured Remote Access Tool (RAT) capable of running arbitrary commands, performing system reconnaissance, and exfiltrating data….

http://feedproxy.google.com/~r/TheHackersNews/~3/rfDx8P1GD8U/fbi-north-korean-malware.html

Leave a Reply