CyberGlobal RiskNews Briefs

North Korean hackers target U.S. entities amid stalled denuclearization talks

Prevailion, a Maryland-based cybersecurity firm, has identified a hacking group with ties to North Korea targeting U.S. entities that discuss nuclear deterrence, North Korea’s nuclear submarine program, and economic sanctions on the North Korean regime.

The hacking group has started placing its malware in obscure file formats, namely Kodak FlashPix (FPX) files, to evade antivirus detection products. The FPX files are embedded in Microsoft Word documents that are sent to victims, which are then launched via macro commands. Prevailion links this activity to a group known as Kimsuky or Smoke Screen, with moderate confidence.

Read more: North Korean hackers target U.S. entities amid stalled denuclearization talks

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.