recommended reading

Threatwatch

Security Researchers: North Korea Hit with Malware Campaign

Cyber espionage

An unknown group has targeted North Korean organizations with malware that would allow repeated access to systems.

Security researchers say the latest campaign—after a July 3 intercontinental ballistic missile test—is at least the fifth attack in three years, Dark Reading reported. That campaign used a copy-pasted news article about the missile launch to trick recipients into launching the malware, the security firm Talos reported.

At first, the Konni malware used in the campaign only gathered information, but it later evolved to include the ability to remotely take control of some seized accounts, according to Talos and another security firm Cylance. The malware is capable of logging keystrokes, capturing screens and uses advanced techniques to avoid detection, the firms reported.

“The motivation behind these campaigns is uncertain, however it does appear to be geared towards espionage against targets who would be interested in North Korean affairs,” Cylance researchers said.

sector

Other

reported

August 8, 2017

reported by

Dark Reading

number affected

Unknown

location of breach

North Korea

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

2014

date breach detected

Unknown