https://www.theregister.co.uk/2018/05/30/north_korea_joanap_and_brambul_malware/

US CERT has issued a Technical Alert that says two strains of malware are tools of the North Korean government.

The Alert says that the United States’ Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) “identified IP addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government.”