North Korean Malicious Cyber Activity

Original release date: March 28, 2018

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as SHARPKNOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

NCCIC/US-CERT encourages users and administrators to review the HIDDEN COBRA - North Korean Malicious Cyber Activity page, which links to Malware Analysis Report MAR-10135536.11, for more information.

This product is provided subject to this Notification and this Privacy & Use policy.