CISA Malware Analysis Report on Recent North Korean Activity: “HOPLIGHT”

The DHS Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report (MAR) on recent malicious cyber activity attributed to the North Korean government. This activity, referred to as “HOPLIGHT,” involves Trojan malware variants. The MAR includes malware descriptions, suggested response actions, and recommended mitigation techniques. Users or administrators should flag activity associated with the malware and report the activity to CISA or the FBI Cyber Watch (CyWatch) and give the activity the highest priority for enhanced mitigation. This and other reports regarding malicious cyber activity performed by the North Korean government have been posted to CISA’s “HIDDEN COBRA” webpage (the U.S. government refers to malicious cyber activity by the North Korean government as “HIDDEN COBRA”). Read the MAR at CISA.