North Korean hackers deploy new trick to stop Windows from identifying malware



News North Korean hackers deploy new trick to stop Windows from identifying malware BlueNoroff threat group linked to DPRK has used technique in ongoing campaign targeting foreign firms, researchers say Ethan Jewell December 28, 2022 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON A physical representation of bitcoin \| Image: Eivind Pederson via Pixabay North Korean hackers have adopted a new trick to evade Microsoft Windows’ built-in defenses and spread powerful malware, security researchers said Tuesday, successfully utilizing the technique against at least one international firm. According to a report from Russian cybersecurity firm Kaspersky, a North Korean threat group tracked as BlueNoroff has begun burying malicious scripts inside of optical disk image (.iso) and virtual hard disk (.vhd) files. The technique prevents Windows from flagging the file as originating from the internet, a security mechanism that usually provides warning pop-ups to the user. “This technique only works for Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01Trump return rekindles prospects of North Korea talks, but Russia stands in way 02How China could benefit from North Korea’s troop deployment to Ukraine 03New North Korean ICBM delivers big political message, and likely bigger payloads 04How North Korea-Russia ties will challenge next US president, no matter who wins 05What to make of the stunning collapse in value of North Korean won 06What to know about Kim Yong Bok, the man leading North Korean troops in Russia 07If Trump: How erratic leader’s reelection could scramble North Korea policy 08North Korea’s admission of drone incursion exposes glaring gaps in air defenses

News

North Korean hackers deploy new trick to stop Windows from identifying malware

BlueNoroff threat group linked to DPRK has used technique in ongoing campaign targeting foreign firms, researchers say

Ethan Jewell December 28, 2022

North Korean hackers deploy new trick to stop Windows from identifying malware

A physical representation of bitcoin | Image: Eivind Pederson via Pixabay

North Korean hackers have adopted a new trick to evade Microsoft Windows’ built-in defenses and spread powerful malware, security researchers said Tuesday, successfully utilizing the technique against at least one international firm.

According to a report from Russian cybersecurity firm Kaspersky, a North Korean threat group tracked as BlueNoroff has begun burying malicious scripts inside of optical disk image (.iso) and virtual hard disk (.vhd) files. The technique prevents Windows from flagging the file as originating from the internet, a security mechanism that usually provides warning pop-ups to the user.

“This technique only works for

01Trump return rekindles prospects of North Korea talks, but Russia stands in way
02How China could benefit from North Korea’s troop deployment to Ukraine
03New North Korean ICBM delivers big political message, and likely bigger payloads
04How North Korea-Russia ties will challenge next US president, no matter who wins
05What to make of the stunning collapse in value of North Korean won
06What to know about Kim Yong Bok, the man leading North Korean troops in Russia
07If Trump: How erratic leader’s reelection could scramble North Korea policy
08North Korea’s admission of drone incursion exposes glaring gaps in air defenses

North Korean hackers deploy new trick to stop Windows from identifying malware

LATEST ANALYSIS

Similar Articles

About the Author

Ethan Jewell