U.S. Cyber Command, the sister division of the National Security Agency focused on offensive hacking and security operations, has released a set of new samples of malware linked to North Korean hackers.
The military unit tweeted Wednesday that it had uploaded the malware to VirusTotal, a widely used database for malware and security research.
It’s not the first time the unit has uploaded malware to the server — it has its own Twitter account to tell followers which malware it uploads. On one hand the disclosure helps security teams fight threats from nation states, but it also gives a rare glimpse inside the nation state-backed hacking groups on which Cyber Command is focused.
The uploaded malware sample is named Electric Fish by the U.S. government. Electric Fish is a tunneling tool designed to exfiltrate data from one system to another over the internet once a backdoor has been placed.
Electric Fish is linked to the APT38 hacking group.
FireEye says APT38 has distinctly different motivations from other North Korean-backed hacking groups like Lazarus, which was blamed for the Sony hack in 2016 and the WannaCry ransomware attack in 2017. APT38 is focused on financial crimes, such as stealing millions of dollars from banks around the world, the cybersecurity firm said.
Electric Fish was first discovered in May, according to Homeland Security’s cybers