North Korean official news agency site serves malware

PC World

Users who visited the site of the state-run North Korean news agency, to see the country’s response to the Sony hacking accusations or for other reasons, might want to scan their computers for malware.

A security researcher found that the site hosts a malicious file called that is served by JavaScript code loaded from kcna.user.exploit.exploit.kcmsf (kcmsf is a custom file extension used by the site). contains two executable files called “Install Flash Player 10 Activex.exe” and “Install Flash Player 10 Plugin.exe.” Both of the files are malicious, according to scans done with VirusTotal, an online file scanning service that uses multiple antivirus engines, said the researcher, who uses the online alias InfoSecOtter, in a blog post Sunday.

view PC World