North Korean Malicious Cyber Activity

Original release date: April 10, 2019

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Malware Analysis Report (MAR) MAR-10135536-8 and the page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.


This product is provided subject to this Notification and this Privacy & Use policy.