Sep 8, 2019

U.S. Cyber Command appears to troll North Korea with malware release

A military parade marking the 70th anniversary of the foundation of North Korea, Sept. 9, 2018. Photo: Alexander Demianchuk\TASS via Getty Images

U.S. Cyber Command released samples of North Korea's government-funded malware to researchers during the early hours of North Korea's Day of the Foundation of the Republic — a move seemingly timed to unnerve the hermit nation during a national holiday.

The big picture: Cyber Command periodically releases malware to the research community to bolster private sector defenses against foreign threats. But while previous releases received praise from the researchers for providing new details about threat groups, the North Korean samples that were atypically released on a Sunday don't immediately appear to be as fruitful.

What they're saying: "It's old [samples]," tweeted Sergio Caltagirone, VP of threat intelligence for Dragos.

  • The link between the Sunday release date and the North Korean holiday was first noticed by Andrew Thompson of Mandiant.

Cyber Command released the samples between midnight and 1am, North Korea time, on Sept. 9.

  • The release contains samples of malware from the hacker group Hidden Cobra, which the U.S. government has attributed to North Korea.
  • Cyber Command would not say if the timing of the release was intentional. "We do not discuss details about the malware samples the CNMF team posts," a spokesperson told Axios.

Go deeper

North Korea hackers spy on nuclear, sanctions experts: report

Photo: Evgeny Agoshkov\TASS via Getty Images

North Korea-linked hackers have expanded their campaign to spy on experts researching nuclear deterrence, North Korea’s nuclear submarine program and North Korean economic sanctions, according to research from Prevailion.

The big picture: Countries often use espionage to prepare for upcoming actions like new sanctions, improve their bargaining position by better understanding their adversary's goals, or to see what other people know. This could be an example of any of those.

Go deeperArrowSep 11, 2019

North Korea calls U.S. position in denuclearization talks "sickening"

Photo: Saul Loeb/AFP/Getty Images

After denuclearization talks between North Korea and the United States ended in Stockholm on Saturday, a spokesperson for North Korea's foreign ministry said negotiators have "no intention to hold such sickening negotiations as what happened this time."

The big picture: The two countries disagreed on how to characterize Saturday's talks, with U.S. officials claiming they planned to return to Stockholm in 2 weeks to continue what they deemed a productive conversation. North Korean officials claimed the talks "broke down."

Go deeperArrowOct 6, 2019

North Korea fires 2 projectiles after offering talks with U.S.: South Korea

North Korean leader Kim Jong-un, flanked by army officials. Photo: STR/AFP/Getty Images

South Korea’s Joint Chiefs of Staff say North Korea has fired 2 unidentified projectiles into the Sea of Japan, the South Korean Yonhap news agency reports.

Why it matters: The launch came hours after Pyongyang offered to resume nuclear talks with the U.S. This is the 10th such launch since May, in what appears to be yet another demonstration of North Korea expanding its weapons arsenal apparently with the intention of increasing leverage ahead of possible negotiations with the U.S.

Go deeperArrowSep 10, 2019