The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) previously issued a malware report in which they detailed a new remote-access trojan variant used by APT groups in North Korea. The report claims that the remote access trojan, BLINDINGCAN, is associated with the government of North Korea.
The RAT can be used to exfiltrate sensitive data as well as steal files. In the report, the CISA stated that the APT group using the RAT, Hidden Cobra, targeted government entities and contractors earlier this year, attempting to steal sensitive information.
Read More: CISA Warns of New RAT Aimed at US Defense Contractors