A rare alert has been issued by the US in relation to a hacking group called ‘Hidden Cobra’ that is linked to the North Korean government, according to the US Computer Emergency Readiness Team (CERT).
Cyber company Symantec Corp said it was “highly likely” that a hacking group affiliated with North Korea was behind years of cyber attacks, including the attack on Sony Pictures and the WannaCry ransomware that infected more than 300,000 computers worldwide.
Symantec reported that it had found evidence linking the WannaCry ransomware to the Lazarus Group, and claimed the code was similar to that used in an $81 million heist of a Bangladeshi bank in 2016.
“Our confidence is very high that this is the work of people associated with the Lazarus Group, because they had to have source code access. With WannaCry, Lazarus Group members could have been moonlighting to make extra money, or they could have left government service, or they could have been contractors without direct obligations to serve only the government”, says Vikram Thakur, Symantec’s security response technical director.
The alert urged organisations to upgrade to current versions of Adobe Flash and Microsoft Silverlight or simply remove those applications altogether.
“If users or administrators detect the custom tools indicative of Hidden Cobra, these tools should be immediately flagged, reported to the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and given highest priority for enhanced mitigation,” the alert said.
“Cyber actors of the North Korean government had targeted the media, aerospace and financial sectors, as well as critical infrastructure, in the United States and globally”, the US Department of Homeland Security stated on Tuesday.
Hidden Cobra is known to commonly target machines running older versions of Microsoft systems that are no longer supported, and has used vulnerabilities in Adobe Flash software to gain access to targeted computers.