U.S. Cyber Command appears to troll North Korea with malware release

A military parade marking the 70th anniversary of the foundation of North Korea, Sept. 9, 2018. Photo: Alexander Demianchuk/TASS via Getty Images

U.S. Cyber Command released samples of North Korea's government-funded malware to researchers during the early hours of North Korea's Day of the Foundation of the Republic — a move seemingly timed to unnerve the hermit nation during a national holiday.

The big picture: Cyber Command periodically releases malware to the research community to bolster private sector defenses against foreign threats. But while previous releases received praise from the researchers for providing new details about threat groups, the North Korean samples that were atypically released on a Sunday don't immediately appear to be as fruitful.

What they're saying: "It's old [samples]," tweeted Sergio Caltagirone, VP of threat intelligence for Dragos.

  • The link between the Sunday release date and the North Korean holiday was first noticed by Andrew Thompson of Mandiant.

Cyber Command released the samples between midnight and 1am, North Korea time, on Sept. 9.

  • The release contains samples of malware from the hacker group Hidden Cobra, which the U.S. government has attributed to North Korea.
  • Cyber Command would not say if the timing of the release was intentional. "We do not discuss details about the malware samples the CNMF team posts," a spokesperson told Axios.