Researchers have stitched together two sophisticated malware campaigns that are targeting North Korea, raising suspicion over counteractions tied to the country’s aggressive weapons testing.
Cybersecurity researchers from Cylance released a report Tuesday asserting that Konni, a recently discovered but long active family of remote access trojans, was used in a malware campaign targeting North Korea shortly after a July 3 missile test. It marks the fifth known Konni campaign in three years and the third in 2017.
This follows similar reports from the firm Talos that showed a Konni campaign launched just a day after missile tests on July 4.
In addition to the malware campaign, Cylance is connecting Konni to a hacking group known as DarkHotel. Just a few days after the July ICBM test, a whitepaper by the cybersecurity firm BitDefender reported a new campaign from DarkHotel, a group that has successfully targeted businesses for a decade through security holes in Wi-Fi infrastructure at hotels around the world.
The July campaign, called “Inexsmar,” …