The U.S. Department of Homeland Security and the FBI have issued a joint alert about a new piece of malware that the North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by North Korean government. The malware implements a custom protocol that allows hackers to bypass the compromised system’s required authentication to reach outside of the network. It is a command-line utility whose primary purpose is to quickly funnel traffic between two IP addresses.
Source: https://thehackernews.com/2019/05/north-korean-hacking-tool.html