September 29, 2020

New malware strain indicates North Korean cyber groups share malicious tools

Security firm sees “malware lineage” across hacking units as U.S. agencies link malicious code variant to DPRK

In a malware report that shows how North Korean hackers increasingly collaborate across specialized units, the U.S. government warned on Wednesday that the DPRK is trying to steal key military and energy technologies using a malware variant spread via social engineering campaigns. 

The malware variant — dubbed “Blindingcan” — appears similar to tools used in other recent phishing campaigns reported by security firms. ClearSky Security reported on “Operation Dream Job” last week, while ESET reported on “Interception” in June and McAfee detailed “Operation North Star” in July.