Cybercom Posts North Korea-Linked Malware on Security Research Portal

Jeff Brody

U.S. Cyber Command has uploaded a sample of malware that is associated with a North Korean advanced persistent threat group and designed to perform data exfiltration through a backdoor, TechCrunch reported Friday.

Cybercom posted the "Electric Fish" tunneling virus to VirusTotal, an online database built for security research purposes. The upload offers insight into cybersecurity threats from nation-state hackers, the report said. The Department of Homeland Security and the FBI determined in May that North Korea uses the malware linked to the APT38 hacking group.

Security company FireEye said in October it found that APT38, which primarily targets financial institutions, could stay within a target's network for an average of 155 days. The financial-crime group has conducted operations against more than 16 organizations worldwide, FireEye noted.
