dod pentagon

Pentagon, FBI Release Report on New Malware Attributed to North Korean Hackers

The new trend of public disclosures by government agencies about cybersecurity threats has led to the latest report about North Korea’s newly developed malware used to spy and steal data.

Several government agencies, including the FBI, has made the unusual move of publicly identifying at least seven different malware types associated with North Korean hackers.

The Department of Defense and Department of Homeland Security issued a public disclosure late last week, elaborating on a malicious actor referred to as “Hidden Cobra.” The hacker or hacking collective, associated with the North Korean government, uses malware to steal data, delete files and capture screenshots while someone is using the computer, according to CyberScoop.

This is the first time that the Pentagon’s Cyber Command is identifying North Korean hacking efforts “by name,” CyberScoop reported. Private companies were provided with copies of the report in advance of its public release.

Government agencies have given the malware some creative names, including Buffetline, Hotcroissant, Crowdedflounder and Bistromath. Some of the malware identified by investigators may be associated with previous North Korean attacks on India.

While it’s not shocking to any close watcher of cybersecurity attacks that North Korea is developing more advanced tools to conduct cyber warfare, the new public disclosures by the federal government are a fairly recent development. As ArsTechnica points out, government officials used to refrain from pointing fingers at any specific country for carrying out cyber attacks.

The strategy began to shift after North Korea’s hack of Sony Pictures, which investigators were quick to publicize was likely the work of North Korean agents. The Treasury Department has also publicly sanctioned North Korean hacking groups in 2019, and justice officials have been more outspoken about the threats posed by countries with advanced cyber operations, including Russia, Iran, and, of course, North Korea.

The National Security Agency, known for its secrecy and weaponizing of cybersecurity flaws to spy, surprised many cybersecurity experts in January when the agency alerted Microsoft of a catastrophic flaw in its operating system. Rather than taking advantage of the issue to spy on other countries, the NSA reported it and allowed the company to fix it.

Whether these decisions to publicly disclose cybersecurity threats is permanent, or part of a new approach to cybersecurity policy, is yet to be seen. In explaining the most recent announcement, a Cyber Command spokesperson told CyberScoop that the FBI was behind the attribution of the seven malware samples to North Korea. That was the reasoning behind the most recent disclosure, the spokesperson said.

“Associating the FBI’s attribution of malware to a nation-state is situation-dependent, based on timing,” the spokesperson said.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.


  • Cloud Adoption Gives Way to Hybrid Deployments

    Cloud adoption is growing at an astonishing rate, with Gartner forecasting that worldwide public cloud end-user spending will approach $600 billion by the end of this year—an increase of more than 21% over 2022. McKinsey believes that number could eclipse $1 trillion by the end of the decade, further underscoring the industry’s exponential growth. Read Now

  • AI on the Edge

    Discussions about the merits (or misgivings) around AI (artificial intelligence) are everywhere. In fact, you’d be hard-pressed to find an article or product literature without mention of it in our industry. If you’re not using AI by now in some capacity, congratulations may be in order since most people are using it in some form daily even without realizing it. Read Now

  • Securing the Future

    In an increasingly turbulent world, chief security officers (CSOs) are facing a multitude of challenges that threaten the stability of businesses worldwide. Read Now

    • Guard Services
  • Security Entrances Move to Center Stage

    Most organizations want to show a friendly face to the public. In today’s world, however, the need to keep people safe and secure has become a prime directive when designing and building facilities of all kinds. Fortunately, there is no need to construct a fortress-like entry that provides that high level of security. Today’s secured entry solutions make it possible to create a welcoming, attractive look and feel at the entry without compromising security. It is for this reason that security entrances have moved to the mainstream. Read Now

Featured Cybersecurity

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3