Alert

North Korean Malicious Cyber Activity

Last Revised

The Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation have identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

NCCIC encourages users and administrators to review Alert TA18-275A: HIDDEN COBRA - FASTCash Campaign, Malware Analysis Report (MAR) MAR-10201537, and the page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.

This product is provided subject to this Notification and this Privacy & Use policy.