U.S. Cyber Command has uploaded a sample of malwareÂ that isÂ associated with a North KoreanÂ advanced persistent threat group andÂ designed to perform data exfiltration through a backdoor, TechCrunch reported Friday.
Cybercom posted the “Electric Fish” tunneling virus toÂ VirusTotal, an online database built forÂ security research purposes. The uploadÂ offersÂ insight into cybersecurityÂ threats from nation-state hackers, the report said. The Department of Homeland SecurityÂ and the FBI determined in May that North Korea uses the malware linked to theÂ APT38 hacking group.
Security company FireEye said in October itÂ found that APT38, which primarily targets financial institutions, could stayÂ withinÂ a target’s network for an average of 155 days. The financial-crime group hasÂ conducted operations against more than 16 organizations worldwide, FireEye noted.