New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

New Malware Tied to North Korea’s Lazarus Group

North Korea (Lazarus Group): The FBI and Homeland Security released a joint report outlining a new malware strain which has been tied back to North Korea.  The new malware has been dubbed Electricfish and currently only affects Windows machines.  Once Electricfish gains a foothold on a victim’s network, it sets up a secure tunnel between a device on the victim’s network and their command and control server.  The malware will also configure a proxy to act as an intermediary between the victim’s network and the command and control server without authentication.  North Korea continues to adapt their attack techniques which have allowed them continued success with their attack campaigns.

Analyst Notes

As relations continue to be rocky between North Korea and the west, more actions like these will probably be seen.