The United States Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report today revealing cybercriminal activities of hackers backed by the North Korean government.
The report states that in conjunction with the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS), identified a remote access trojan (RAT) deployed by the North Korean government-sponsored hacking group referred as Hidden Cobra by the US government and also infamously known as the Lazarus Group or APT38.
The malware variant ensued by the North Korean threat actors is called BLINDINGCAN and it was used in concurrence with proxy servers in order to maintain a presence in the victim’s system and elongate network exploitation with its built-in functions.
It is worth noting that just a couple of days ago, the FBI (Federal Bureau of Investigation) and the National Security Agency (NSA) had warned against Russian government-backed hackers using Drovorub malware against Linux systems.
However, the latest advisory revealed that threat actors in question basically lured victims thorough a recruitment campaign from leading defense corporations such as ‘the Boeing Company.’
Not only this, but the victims were asked to go through an extensive interview process which was more of a hoax until they received malicious document ..
Support the originator by clicking the read the rest link below.