It has been reported that yesterday the Department of Homeland Security and the FBI publicly identified a new North Korean malware capable of funnelling information from a victim’s computer network. Dubbed ElectricFish by government officials, the malware is the latest tool in North Korea’s hacking program, referred to as Hidden Cobra. The U.S. Cyber Emergency Response Team published a report warning the public about the new malware on Thursday. ElectricFish steals information from a target computer network by bypassing a server’s security protocols with a username and password.
Warning over 'ElectricFish' malware linked with North Korean APT Hidden Cobra https://t.co/x89Mgh0ZxK
— Cyberscout (@CyberScout) May 10, 2019
Expert Comments:
Sam Curry, Chief Security Officer at Cybereason:
“The government released information on the malware so that the North Koreans won’t be able to continue using and monetising it. Its like cutting the head off a snake. Expect more announcements from the DHS and FBI in the future. As a country, North Korea is a very poor nation and their nation state hacking capabilities help to fund budgets. This is a new type of cyber sanction on North Korea. The feds are actively reducing the shelf life of these incremental improvements. It’s not just a cold war but is economic in nature: the idea is to see how deep North Korea’s coffers are and to waste their investment. That’s not a good fight to get into with the world’s largest government by GDP.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.