The US government today released information on three new malware variants used in malicious cyber activity campaigns by a North Korean government-backed hacker group tracked as HIDDEN COBRA. From a report: The new malware is being used “for phishing and remote access by #DPRK cyber actors to conduct illegal activity, steal funds & evade sanctions,” according to the information published by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD). U.S. Cyber Command has also uploaded five samples of the newly discovered malware variants onto the VirusTotal malware aggregation repository. Besides the malware samples shared by the U.S. Cyber Command, CISA has also published detailed malware analysis reports (MARs) on its website containing indicators of compromise (IOCs) and YARA rules for each of the detected samples. The cybersecurity agency also provides mitigation measures in the form of Snort rules, as well as recommendations for system owners and administrators to strengthen the security posture of their organization’s systems.

Source: Slashdot