Monday, May 13, 2019

Fish...

Image result for electric fish malware

The Department of Homeland Security (DHS) and FBI have released a joint security advisory warning of a new strain of malware being used in North Korean cyberattacks.

Dubbed Electricfish, the malware was uncovered while the departments were tracking the activities of Hidden Cobra, a threat group believed to be state-sponsored and backed by the North Korean government.

Hidden Cobra has been connected to a variety of attacks against financial institutions, critical industrial players, and targets chosen for valuable intellectual property worldwide
The description of Electricfish is based on one malicious 32-bit Windows executable. After reverse engineering the sample, the malware was found to contain a custom protocol which permits traffic to be funneled between source and destination IP addresses.
"The malware can be configured with a proxy server/port and proxy username and password," the advisory reads.

No comments:

Post a Comment