North Korean hackers deploy new trick to stop Windows from identifying malware
BlueNoroff threat group linked to DPRK has used technique in ongoing campaign targeting foreign firms, researchers say
North Korean hackers have adopted a new trick to evade Microsoft Windows’ built-in defenses and spread powerful malware, security researchers said Tuesday, and have used the technique successfully against at least one international firm.
According to a report from Russian cybersecurity firm Kaspersky, a North Korean threat group tracked as BlueNoroff has begun burying malicious scripts inside optical disk image (.iso) and virtual hard disk (.vhd) files. The technique prevents Windows from flagging the file as originating from the internet, a flag that usually triggers warning pop-ups for the user.
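For defenders, the gap described above can be checked during triage. This is an added example, not code from the article or the Kaspersky report: it parses the `Zone.Identifier` alternate data stream in which Windows records a file's origin zone, then flags internet-origin containers and unmarked scripts mounted from them. The record fields (`path`, `zone_stream`, `mounted_from`), the script extension list and the sample inventory are constructed assumptions, and it assumes the behaviour the report describes, where files inside a mounted image carry no mark.

```python
import configparser
from pathlib import PureWindowsPath

CONTAINER_EXTS = {".iso", ".vhd"}              # container types named in the report
SCRIPT_EXTS = {".vbs", ".js", ".bat", ".ps1"}  # assumption: script types worth reviewing
INTERNET_ZONE = 3                              # ZoneId 3 = Internet, 4 = Restricted sites

def parse_zone_id(stream_text):
    """Return ZoneId from Zone.Identifier stream text, or None if missing or malformed."""
    if not stream_text:
        return None
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        parser.read_string(stream_text)
        return parser.getint("ZoneTransfer", "ZoneId")
    except (configparser.Error, ValueError):
        return None

def triage(records):
    """Flag internet-origin containers, then unmarked scripts mounted from them."""
    marked, findings = set(), []
    for r in records:
        ext = PureWindowsPath(r["path"]).suffix.lower()
        zone = parse_zone_id(r.get("zone_stream"))
        if ext in CONTAINER_EXTS and zone is not None and zone >= INTERNET_ZONE:
            marked.add(r["path"].lower())
            findings.append((r["path"], "internet-origin container"))
    for r in records:
        ext = PureWindowsPath(r["path"]).suffix.lower()
        source = (r.get("mounted_from") or "").lower()
        if (ext in SCRIPT_EXTS and source in marked
                and parse_zone_id(r.get("zone_stream")) is None):
            findings.append((r["path"], "unmarked script inside internet-origin container"))
    return findings

# Constructed sample inventory (hypothetical paths and hosts, for illustration only).
SAMPLE = [
    {"path": r"C:\Users\alice\Downloads\report.iso",
     "zone_stream": "[ZoneTransfer]\nZoneId=3\nHostUrl=https://example.invalid/report.iso\n"},
    {"path": r"E:\open_me.vbs", "zone_stream": None,
     "mounted_from": r"C:\Users\alice\Downloads\report.iso"},
    {"path": r"C:\Users\alice\Downloads\notes.vbs", "zone_stream": "[ZoneTransfer]\nZoneId=3\n"},
    {"path": r"D:\backup\old.vhd", "zone_stream": None},
]

if __name__ == "__main__":
    for path, reason in triage(SAMPLE):
        print(f"{reason}: {path}")
```

The marked `notes.vbs` is not flagged because Windows would still warn on it; the script on the mounted volume is flagged because nothing on the file itself records where its container came from.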
“This technique only works for