May 25, 2024

New malware strain indicates North Korean cyber groups share malicious tools

Security firm sees “malware lineage” across hacking units as U.S. agencies link malicious code variant to DPRK

In a malware report that shows how North Korean hackers increasingly collaborate across specialized units, the U.S. government warned on Wednesday that the DPRK is trying to steal key military and energy technologies using a malware variant spread via social engineering campaigns. 

The malware variant — dubbed “Blindingcan” — appears similar to tools used in other recent phishing campaigns reported by security firms. ClearSky Security reported on “Operation Dream Job” last week, while ESET reported on “Interception” in June and McAfee detailed “Operation North Star” in July. 

Become a member for less than $4 per week.

  • Unlimited access to all of NK News: reporting, investigations, analysis
  • The NK News Daily Update, an email newsletter to keep you in the loop
  • Searchable archive of all content, photo galleries, special columns
  • Contact NK News reporters with tips or requests for reporting
Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts.
Subscribe now

All major cards accepted. No commitments – you can cancel any time.