US-CERT releases details on SMB worm tool likely used in Sony attack- complete breakdown

US-CERT released alert TA14-353A today detailing a “SMB Worm Tool” recently used by cyber threat actors against a “major entertainment company”. Given the timing of the US formal accusations against North Korea, this certainly hints that the malware toolset being referenced is the one used by the Guardians of Peace (GOP) in the recent Sony Entertainment Pictures attack and data breach. Given my initial review of the malware’s characteristics – now I’m a little more impressed.

US-CERT releases details on SMB worm tool likely used in Sony attack- complete breakdown