North Korean Malicious Cyber Activity

Original release date: August 09, 2018

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a Trojan malware variant—referred to as KEYMARBLE—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

US-CERT encourages users and administrators to review Malware Analysis Report (MAR) MAR-10135536-17 and the US-CERT page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.


This product is provided subject to this Notification and this Privacy & Use policy.