[Slashdot] - Internal Docs Show Why the US Military Publishes North Korean and Russian Malware

An anonymous reader quotes a report from Motherboard: Newly released and previously secret documents explain in greater detail how, and why, a section of the U.S. military decides to publicly release a steady stream of adversarial countries' malware, including hacking tools from North Korea and Russia. Cyber Command, or CYBERCOM, publishes the malware samples onto VirusTotal, a semi-public repository that researchers and defenders can then pore over to make systems more secure. The document provides more insight into how the U.S. military is engaged in an unusually public-facing campaign, and in particular highlights one of the reasons CYBERCOM wants to release other nations' hacking tools: to make it harder for enemy hackers to remain undetected. A previously secret section of one of the CYBERCOM documents reads "Posting malware to VT [VirusTotal] and Tweeting to bring attention and awareness supports this strategy by putting pressure on malicious cyber actors, disrupting their efforts." Motherboard obtained the redacted documents through a Freedom of Information Act (FOIA) request to CYBERCOM. CYBERCOM started publishing malware in 2018, with one sample coming from Russian-linked hacking group APT28. It has since released malware from North Korean hackers. CYBERCOM also has a dedicated Twitter account for distributing news of the samples. Some tweets even include memes such as "DPRK MALWARE" written onto conversation candy hearts to coincide with a release on Valentine's Day. When it originally announced the campaign, CYBERCOM said it "initiated an effort to share unclassified malware samples it has discovered that it believes will have the greatest impact on improving global cybersecurity." But the documents show how the effort has a more offensive slant, too.
In a statement a CYBERCOM spokesperson reiterated some of the agency's earlier public comments, writing, "We plan to continue to publicly disclose malware samples, which we believe will have the greatest impact on improving global security." You can read the documents here.
