FBI, CISA Update Details On DPRK Malware

FBI and CISA released an update about North Korean malware.

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released an update about North Korean malware.

This came as US Cyber Command on Friday posted a photo of a “DPRK Malware” in a Valentine’s Day meme format.

The FBI and CISA released additional information on DPRK malware with updated Malware Analysis Reports (MARs) that were related to malicious cyber activity from North Korea:

  • AR20-045A — BISTROMATH (a full-featured RAT)
  • AR20-045B — SLICKSHOES (Themida-packed malware dropper)
  • AR20-045C — CROWDEDFLOUNDER (Remote Access Trojan loader)
  • AR20-045D — HOTCROISSANT (beaconing implant with backdoor capabilities)
  • AR20-045E — ARTFULPIE (loads and executes a DLL from a hardcoded URL)
  • AR20-045F — BUFFETLINE (beaconing implant with backdoor features)
  • AR20-045G — HOPLIGHT (backdoor Trojan)

As explained by the Cybersecurity and Infrastructure Security Agency (CISA), the information contained in these Malware Analysis Reports was “the result of analytic efforts between the U.S. Department of Homeland Security (DHS), the U.S. Department of Defense (DOD), and the FBI to provide technical details on the tools and infrastructure used by cyber actors of the North Korean government,” adding that each Malware Analysis Report (MAR) came with detailed “malware descriptions, suggested response actions, and recommended mitigation techniques.”

CISA advised organizations to follow these best practices in order to strengthen their security posture, as stated below:

For reference, “DPRK” is the abbreviation for the Democratic People’s Republic of Korea, which is the official country name for North Korea.
