North Korean Malicious Cyber Activity Original release date: December 21, 2017 The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as BANKSHOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
US-CERT encourages users and administrators to review Malware Analysis Report (MAR) 10135536-B and the US-CERT page on HIDDEN COBRA – North Korean Malicious Cyber Activity for more information.
This product is provided subject to this Notification and this Privacy & Use policy.
Recent Posts CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released nine Industrial Control Systems (ICS) advisories on August 28, 2025. These advisories provide…
CISA, along with the National Security Agency, Federal Bureau of Investigation, and international partners, released…
CISA released three Industrial Control Systems (ICS) advisories on August 26, 2025. These advisories provide…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
This website uses cookies.
Accept