Home / News / Cybercom Posts North Korea-Linked Malware on Security Research Portal

Cybercom Posts North Korea-Linked Malware on Security Research Portal

Jeff Brody

U.S. Cyber Command has uploaded a sample of malware that is associated with a North Korean advanced persistent threat group and designed to perform data exfiltration through a backdoor, TechCrunch reported Friday.

Cybercom posted the "Electric Fish" tunneling virus to VirusTotal, an online database built for security research purposes. The upload offers insight into cybersecurity threats from nation-state hackers, the report said. The Department of Homeland Security and the FBI determined in May that North Korea uses the malware linked to the APT38 hacking group.

Security company FireEye said in October it found that APT38, which primarily targets financial institutions, could stay within a target's network for an average of 155 days. The financial-crime group has conducted operations against more than 16 organizations worldwide, FireEye noted.

Check Also

DHS S&T Evaluates Smart Building Technologies in Soft Target Exercise

The Department of Homeland Security's science and technology directorate held a live active shooter exercise at George Mason University in partnership with the Center of Innovative Technology to assess smart building technologies.