The Department of Defense has once again called out North Korean hackers by exposing malware samples researchers say are linked to regime-backed financial heists, including past attacks on the interbank messaging system known as the Society for Worldwide Interbank Financial Telecommunication (SWIFT), CyberScoop has learned.
Cyber Command assessed that the malware, which it posted to the information sharing platform VirusTotal, is being used in ongoing cyberattacks aimed at the financial sector.
“These malware samples are currently used for fund generation and malicious cyber activities including remote access, beaconing, and malware command by malicious cyber actors,” the command said in a tweet.
The command did not name victims or describe the magnitude of the scheme.
It’s a rare statement from the Pentagon’s cyber-operations division on the intent and capabilities of adversary-linked malware in what appears to be an expansion of the command’s willingness and ability to discuss the intelligence behind its VirusTotal effort. The command, which launched the information sharing program last year as a way to thwart adversary hacking campaigns, normally declines to discuss the context around the malware it is posting, such as whether it is currently being used or what kinds of actors are using i ..
Support the originator by clicking the read the rest link below.
