Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed


US Cyber Command Releases Information About DPRK Malware

The United States Cyber Command publicly released information about five malware samples, allegedly used by the government of the Democratic People’s Republic of Korea (DPRK) for phishing and remote access. The five samples represented three different malware variants, known as COPPERHEDGE, TAINTEDSCRIBE and PEBBLEDASH. Copies of the malware were uploaded to VirusTotal, to facilitate access for researchers and security product vendors.

Analyst Notes

At the time of submission on May 12th, several of the malware samples were not detected as malicious by most of the anti-virus products that Virus Total uses to check submissions. Targeted attacks from well-funded threat groups are able to create and maintain malware that is not recognized by anti-virus products. It is important to practice defense-in-depth to protect critical computer systems from intrusion by monitoring for attacker behaviors and quickly responding to investigate unusual activity on workstations and servers.

Indications of compromise:
SHA-256 hashes of malware samples:

Network traffic:

To read more, please see: