DHS Warns of North Korean Malware – Wikipedia DDos Attack -Cyber Security in High Demand
DHS, FBI, and DoD Warn of North Korean Malware
The US Department of Homeland Security (DHS), the Federal Bureau of Investigations (FBI), and the US Department of Defense (DoD) distributed several Malware Analysis Reports (MAR) warning of malware variants. The MARS warn of three cyber attacks vectors deployed by North Korean Advanced Persistent Threat Group (APT) HIDDENCOBRA and its malicious cyber activities. Malware reports on ELECTRICFISH and BADCALL malwares.
Hacking tools and technical details of North Korean sponsored APT Group HIDDENCOBRA cyber attack vectors are contained in:
- Malware Analysis Report (10135536-21) – North Korean Tunneling Tool: ELECTRICFISH
Malware Analysis Report (10135536-10) – North Korean Trojan: BADCALL
DHS, FBI, and DoD identified proxy malware variant used by HIDDENCOBRA referred to as ELECTRICFISH. The malware is a malicious Windows 32-bit executable file and is a command-line utility. The goal of ELECTRICFISH is to tunnel traffic between two IP addresses.
North Korean HIDDEN COBRA hackers are using Trojan malware in conjunction with proxy servers to maintain a connection on compromised networks. Malware Analysis Report (MAR-10135536-10) details a malware variant known as BADCALL.
MAR-10135536-10 provides technical details and analysis for four malicious files. Three files are Windows executables that work as proxy servers using a Fake TLS method like MAR-10135536-B. BADCALL malware collects information about the compromised system including the computer and attached adapters.
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers