US says North Korean malware lurking in computer networks

November 15, 2017

US authorities said Tuesday malware developed in North Korea is still lurking in many computer networks, giving hackers backdoor access to government, financial, automotive and media organizations.

An alert issued by the Department of Homeland Security warned of surreptitious activity by the so-called "Hidden Cobra" group, also known by the name "Lazarus."

US officials earlier this year blamed the group for a series of cyberattacks dating back to 2009, saying it was linked to the Pyongyang government.

In Tuesday's warning, the DHS Computer Emergency Response Team (CERT) said the hackers could still maintain a presence on victims' networks with the aim of "further exploitation."

It said some networks could be infected with the Volgmer "backdoor Trojan" or a remote administration tool known as Fallchill, which can give hackers complete control of a system.

It said FBI investigators suspect the Fallchill tool has been used since 2016 and Volgmer since 2013.

Private security analysts refer to Hidden Cobra as the "Lazarus" group of hackers linked to North Korea and likely behind a series of multimillion-dollar cyber thefts from banks around the world.

Some analysts say the Lazarus group may also have been behind the WannaCry ransomware outbreak earlier this year.

Hackers in the Hidden Cobra or Lazarus group have been active since 2009 and "have leveraged their capabilities to target and compromise a range of victims," according to a DHS report in June.

"Some intrusions have resulted in the exfiltration of data while others have been disruptive in nature."

DHS and FBI officials say the group "will continue to use cyber operations to advance their government's military and strategic objectives," according to the DHS report.

North Korea has denied orchestrating any cyber attacks, but the latest report comes amid rising tensions with the United States over the communist regime's nuclear testing program.
