Ever heard of the Lazarus hacker group? They are a notorious hacker group from North Korea that is responsible for a string of cyberattacks on Western as well as Japanese and South Korean corporate entities. The Lazarus group is also known as Hidden Cobra and is rumored to work with the North Korean government on espionage campaigns that target the nation’s most fervent adversaries.
For its cyberattack missions, Lazarus relies on an arsenal of malicious software that can quietly infiltrate computer systems and create backdoors that give hackers unprecedented access to and control over a compromised device. North Korea also uses the malware entities as transmitters of ransomware strains that serve as revenue sources for the highly sanctioned state.
In this article, we shall discuss a malware entity dubbed Electricfish that is believed to originate from the Lazarus hacker group.
Electricfish, What Is It?
Electricfish is a malware entity that was first discovered by the FBI and the DHS (Department of Homeland Security) in 2019. In its report about the malware entity, the FBI Cyber Watch noted that the 32-bit executable file implements a custom protocol that allows traffic to be funneled between a source and a destination IP address. Because the malware continuously attempts to reach the source and the destination system, it is able to establish a funneling session.
The FBI also noted that the Electricfish malware is very stealthy because it can be configured with a proxy server or proxy username and password, a feature that allows it to connect to a system sitting inside of a proxy server. This gives cybercriminals the ability to bypass authentication to reach outside the network. In other words, using Electricfish, the Lazarus group is able to take over computers without their users knowing that they are compromised. What’s more, Electricfish constantly reinstalls itself even when it is removed. It is one of those malware entities that you really don’t want inside your computer, like, ever. So, how do you deal with the Electricfish malware? Here is a comprehensive removal guide.
How to Remove Electricfish Malware
As soon as the FBI Cyber Watch discovers a new malware entity, it works up a report that details how the malware operates, lists its binary signatures, and explores possible ways of stopping it. The report is then made available to cybersecurity firms around the world, who then add the malware and its signatures to their anti-malware solutions.
All this is to say that all you need to remove the Electricfish malware from your computer is a reliable anti-malware solution such as Outbyte Anti-Malware. But you will be required to run the antivirus in Safe Mode with Networking. Safe Mode will prevent the malware entity from starting automatically and thus from interfering with anti-malware defenses. The networking option, on the other hand, lets you download utility tools or seek further help on the internet.
After the anti-malware software confirms that the virus has been removed, it is time to repair your computer with a PC repair tool. You need it because the malware entity has most likely taken up residence within the junk files and defunct apps on your device. You need to delete these and also repair broken or missing registry entries.
If you don’t have the luxury of buying an anti-malware solution, then you can use Windows recovery tools such as System Restore or the Reset this PC option to recover from the malware attack.
Protect Your Computer from Electricfish Malware
The Lazarus group is known to use all kinds of ways to infiltrate computer networks around the world. So, if you don’t want to be a victim of their malicious cyberattacks, you’ve got to stay vigilant. Here are a few tricks to help you with that.
- Buy a premium anti-malware solution and use it to scan your computer as often as humanly possible. This will warn you of ongoing infections.
- Avoid shady sites that feature too many advertisements as the adverts often contain malicious links.
- Don’t be too reliant on free software from sites such as The Pirate Bay as some of the software packages are bundled together with malware.
- Keep yourself informed of the various malware threats that are out there; that way, you will be more likely to know what you are dealing with when faced with a malware threat.
- Finally, if you share your computer or network of computers with others, sit down with them and craft a cyber defense strategy that works for everyone.
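For readers who keep connection logs, the funneling behaviour described earlier (one program that keeps retrying the same two endpoints, possibly through a proxy) can be looked for with a simple count. The following is an added example, not code from the FBI report or from the malware; the log format, the proxy address, the allowlist, the threshold and every process name and IP address in it are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

PROXY = "10.0.0.8:3128"                  # assumed address of the site's web proxy
ALLOWED = {"chrome.exe", "msedge.exe"}   # assumed programs expected to use it
MIN_ATTEMPTS = 3                         # assumed threshold for "keeps retrying"

# Constructed sample records, not real telemetry: time, image, pid, remote endpoint.
# Process names such as svcupd.exe are made up for this example.
SAMPLE_LOG = """\
10:00:01 chrome.exe 4120 10.0.0.8:3128
10:00:02 svcupd.exe 7788 10.0.0.8:3128
10:00:02 svcupd.exe 7788 10.0.5.20:8080
10:00:05 chrome.exe 4120 10.0.0.8:3128
10:00:12 svcupd.exe 7788 10.0.0.8:3128
10:00:12 svcupd.exe 7788 10.0.5.20:8080
10:00:15 backup.exe 5012 10.0.9.9:22
10:00:22 svcupd.exe 7788 10.0.0.8:3128
10:00:22 svcupd.exe 7788 10.0.5.20:8080
10:00:25 backup.exe 5012 10.0.9.9:22
10:00:30 chrome.exe 4120 10.0.0.8:3128
10:00:35 backup.exe 5012 10.0.9.9:22
10:00:40 notepad.exe 6100 10.0.5.20:8080
"""

def parse(log):
    """Yield (image, pid, remote) for each log line."""
    for line in log.strip().splitlines():
        _ts, image, pid, remote = line.split()
        yield image, int(pid), remote

def find_relay_candidates(log, proxy=PROXY, allowed=ALLOWED, min_attempts=MIN_ATTEMPTS):
    """Flag non-allowlisted processes that keep retrying two or more fixed endpoints."""
    attempts = defaultdict(Counter)
    for image, pid, remote in parse(log):
        attempts[(image, pid)][remote] += 1
    findings = []
    for (image, pid), counts in attempts.items():
        if image in allowed:
            continue
        repeated = sorted(r for r, n in counts.items() if n >= min_attempts)
        if len(repeated) >= 2:      # both ends of a possible tunnel are being retried
            findings.append({"image": image, "pid": pid,
                             "endpoints": repeated, "via_proxy": proxy in repeated})
    return findings

if __name__ == "__main__":
    for hit in find_relay_candidates(SAMPLE_LOG):
        print(hit)
```

A hit is only a lead for investigation: legitimate sync or backup tools can show the same pattern, so the allowlist and threshold need tuning to the network in question.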