DHS Releases Analysis of ELECTRICFISH Malware

May 10, 2019 / Kacy Zurkus

In an attempt to reduce exposure and enable network security, the Department of Homeland Security (DHS) in collaboration with the Federal Bureau of Investigation (FBI) has released a report analyzing a North Korean traffic tunneling tool named ELECTRICFISH. The DHS and FBI have identified a malware variant used by the North Korean government, yet another indication of the continued threat from nation-state actors, particularly the malicious cyber activity of the North Korean government, also known as HIDDEN COBRA.

“This alert by US-CERT reveals a simple piece of malware which creates a backdoor to provide the attacker direct access to the affected system. Using a custom protocol, likely to help it evade detection from typical network monitoring tools, ELECTRICFISH can pass data or accept an inbound connection that bypasses all system authentication,” said Nathan Wenzler, senior director of cybersecurity at Moss Adams.

According to the analysis, ELECTRICFISH is a command-lin...