It has been reported that yesterday the Department of Homeland Security and the FBI publicly identified a new North Korean malware capable of funnelling information from a victim’s computer network. Dubbed ElectricFish by government officials, the malware is the latest tool in North Korea’s hacking program, referred to as Hidden Cobra. The U.S. Cyber Emergency Response Team published a report warning the public about the new malware on Thursday. ElectricFish steals information from a target computer network by bypassing a server’s security protocols with a username and password.
Warning over 'ElectricFish' malware linked with North Korean APT Hidden Cobra https://t.co/x89Mgh0ZxK
— Cyberscout (@CyberScout) May 10, 2019
Expert Comments:
Sam Curry, Chief Security Officer at Cybereason:
“The government released information on the malware so that the North Koreans won’t be able to continue using and monetising it. Its like cutting the head off a snake. Expect more announcements from the DHS and FBI in the future. As a country, North Korea is a very poor nation and their nation state hacking capabilities help to fund budgets. This is a new type of cyber sanction on North Korea. The feds are actively reducing the shelf life of these incremental improvements. It’s not just a cold war but is economic in nature: the idea is to see how deep North Korea’s coffers are and to waste their investment. That’s not a good fight to get into with the world’s largest government by GDP.”
