Luxor Forums - White Hat & Community Forums
North Korean antivirus software uses decade old pirated scan engine
#1
A North Korean anti-virus known as 'SiliVaccine' has been found to be using a 10-year old scan engine.


Check Point Software has obtained and analyzed a rare copy of the 'SiliVaccine' software and discovered key components of its source code to be identical to the 10-year old copy of Trend Micro's AV software.

Analysis has also uncovered that SiliVaccine is designed to allow a specific malware signature to pass undetected to users, and an update patch for the software contained JAKU malware, which has been used to target and track specific individuals in South Korea and Japan. Check Point believes this could have been used to target journalists who write about North Korean affairs.


[Read more...]