While North Korea’s leader, Kim Jong Un, was busy in Singapore, his government hackers were busy with new malware called TypeFrame and delivered by, you guessed it, a Microsoft Word document.
Typeframe has eleven different elements bundled with a Word document. As usual, the hackers send the document and try to trick people into running the malicious VBA code.
Once the code is run, the North Koreans can install RAT’s (Remote Access Trojans) to break through firewalls, steal data and infect other computers.
It appears Typeframe mainly targeted Asian banks. Hopefully all large companies have good anti-virus protection and staff education to reduce the risk of infection.
US-CERT has a full report on Typeframe.
All the major anti-virus packages, including Windows Defender in Windows 10, know about Typeframe. As long as your software is up to date, it should detect and block Typeframe infected document.
North Korean hacking is common
All this happened days after the ‘peace deal’ between the US and North Korea in Singapore. The joint agreement signed by the two leaders makes no mention of cyber-attacks.
That’s disappointing because North Korean hacking is common.
The US government has given the DPRK’s hacking and malware its own codename ‘Hidden Cobra‘. Typeframe is the sixth cyber-attack from North Korea in 2018 alone.