New North Korean malware warning issued by Homeland Security
The US Department of Homeland Security has issued a warning over a new type of malware out of North Korea. The DHS worked with the FBI to unearth and reveal the existence of a malware variant it says is known as "TYPEFRAME." Analysts with the two government agencies analyzed a total of 11 samples of the trojan, including infected Windows files.
Homeland Security released a report on the malware yesterday, explaining that the infected files can download and install the trojan on the victim's computer. The infected files, the agencies say, can "install proxy and remote access Trojans, connect to command and control servers to receive additional instructions, and modify the victim's firewall to allow incoming connections."
The disclosure comes only days after a historic summit between the US and North Korean leaders, seemingly underscoring a growing effort and sophistication on the latter country's part. North Korea has spent years developing its cyberwar efforts, reportedly being behind a number of attempted and successful bank hacks around the world.
According to the DHS, the US government calls North Korea's online hacking/malicious actions "HIDDEN COBRA." The agency maintains a page on this activity on the US CERT website, where anyone can view activity reports.
The DHS National Cybersecurity and Communications Integration Center (NCCIC) encourages the public to report any "suspicious activity" to help analysts keep tabs on such cyber actions.