North Korean hackers have been discovered reusing malware and computer infrastructure. The examination of North Korean malware discovered that the same code is often reused in multiple attacks. It was also discovered that much of the malware that has been tentatively attributed to North Korea also utilized much of the same network infrastructure. It is believed that the specific teams may utilize their own infrastructure, meaning that if the teams can be identified by their networks, security professionals would be able to identify the exact teams within North Korea with greater certainty. Some of the recycled code has been found in malware campaigns dating back to 2009.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is