New Information on North Korean Malicious Cyber Activity

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Defense have provided new information on malicious cyber activity by the North Korean government. In three new Malware Analysis Reports (MARs), these agencies discuss and provide technical information for three malware variants used by the North Korean government: COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH. In addition to providing malware descriptions, the MARs contain suggested response actions and recommended mitigation techniques. The MARs encourage users or administrators to flag and report activity they describe to CISA (online reporting form, CI*************@******hs.gov, or 1-888-282-0870) or the FBI CyWatch (cy*****@*bi.gov or 1-855-292-3937), and give the activity the highest priority for enhanced mitigation. Read the MARs at CISA.