The big news this week–outside of World Cup madness–has been the historic summit between US President Donald Trump and North Korean dictator Kim Jong Un. Now, just days following that meetup, the Department of Homeland Security (DHS) is reporting that there is evidence of malicious cyber activity by the North Korean government.
Analysts have spotted Trojan malware variants typically used by the North Korean government to harm or disable computer systems. Referencing a report by the DHS Computer Emergency Readiness Team (CERT), CNN reports that the active malware variant they identified is known as “TYPEFRAME.” According to the US-CERT website, “The US Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.”
The Malware Analysis Report (MAR) represents the findings of joint work by the FBI and DHS. Together, they analyzed nearly a dozen malware samples that consisted of executable files and a malicious Microsoft Word document. “These files have the capability to download and install malware, install proxy and Remote Access Trojans (RATs), connect to command and control (C2) servers to receive additional instructions, and modify the victim’s firewall to allow incoming connections,” says the report.
DHS shares this information to help organizations identify malicious cyber activity and prevent exposure to cyberattacks.
Get the full story at CNN.