North Korean Antivirus Software Uses Decade Old Pirated Scan Engine

With a name like 'SiliVaccine' you could be forgiven it's something your doctor would give you if you were worried about turning into a clown. But in fact this is North Korea's home grown antivirus product. From a report: Check Point Software has obtained and analyzed a rare copy of the software and discovered key components of its source code to be identical to a 10-year old copy of Trend Micro's AV software. Analysis has also uncovered that SiliVaccine is designed to allow a specific malware signature to pass undetected to users, and an update patch for the software contained JAKU malware, which has been used to target and track specific individuals in South Korea and Japan. Check Point believes this could have been used to target journalists who write about North Korean affairs.

Outside NK

[jbmartin6]

the software contained JAKU malware, which has been used to target and track specific individuals in South Korea and Japan. Check Point believes this could have been used to target journalists who write about North Korean affairs.

It took me a minute to parse this. It means, unrelated to this NK AV package, the JAKU malware could have been used in the past to target Japanese and South Korean journalists.

Better link:

[Gravis+Zero]

detailed analysis with real info: SiliVaccine: Inside North Korea’s Anti-Virus