It is a well-known fact that most of the cyberattacks originate from countries that have a government backing along with them. These are the countries such as Russia, China and North Korea where it is almost impossible to catch those hackers since they use high level of security and are state-backed meaning that governments can’t do anything as most of them don’t have diplomatic ties with the country they are attacking. Now, we know that the world was attacked by a dangerous malware known as WannaCry few years ago and it is known that today is the third-year anniversary of that malware.
While there is no reason to celebrate such a day because the malware caused a lot of havoc around the world, the US cyber-security officials have now revealed something we must be warned about. They have detailed new malware that has originated from North Korea which is known as COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH.
Not only have the names been revealed by the US officials, they have also revealed what each one of them does. For example, COPPERHEDGE is “capable of running arbitrary commands, performing system reconnaissance, and exfiltrating data”. On the other hand, TAINTEDSCRIBE is a trojan installed on hacked systems to “receive and execute the attacker’s commands”. PEBBLEDASH is capable to “download, upload, delete, and execute files; enable Windows CLI access; create and terminate processes; and perform target system enumeration.”
This means all these malware trojans are dangerous for Windows users and they should be dealt with care. Also, the US has revealed what the malware files look like on their Virus Total account which means if you detect something similar, you should take professional help before something dangerous takes place. This exercise is done by the US government so that these malware details can be revealed and the damage can be limited.