The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have published a new Malware Analysis Report (MAR) on BLINDINGCAN, a malware variant used by North Korean actors. In addition to providing a description of BLINDINGCAN, the MAR contains suggested response actions and recommended mitigation techniques. The MAR encourage users or administrators to flag and report activity they describe to CISA (online reporting form, [email protected], or 1-888-282-0870) or the FBI CyWatch ([email protected] or 1-855-292-3937), and give the activity the highest priority for enhanced mitigation. Read the MAR at CISA.
CISA also encourages users and administrators to review its North Korean Malicious Cyber Activity page for more information, which includes other MARs.