Apr 25, 2018 - World

North Korean-linked malware campaign increasing global scope

Shadow of a hand looms over a keyboard

“Operation GhostSecret,” a global data theft and reconnaissance campaign with suspected links to North Korean hackers, is targeting critical infrastructure, finance, healthcare firms and entertainment industries in 17 countries, McAfee Advanced Threat Research reports.

The takeaway: The new report suggests North Korea is moving beyond its typical focus on trying to steal cash or military secrets, and is now targeting a much broader swath of society.

The threat level: The campaign is currently active. McAfee's chief scientist, Raj Samani, writes that "the publicity associated with the (we assume) first phase of this campaign did nothing to slow the attacks. The threat actors not only continued but also increased the scope of the attack, both in types of targets and in the tools they used."

Flashback: Last month’s cyberattack on Turkish banks, which McAfee also uncovered, was just the beginning of this global hack, per McAffee.

Go deeper