What’s curious is that the malware is not particularly sophisticated. Sophos products have been able to detect the malware for nearly a year, and the various commands embedded in the malicious code have not been obfuscated.
For this reason, it’s hard to jump to the immediate conclusion that this was necessarily evidence of a «cyberwarfare» attack coming from North Korea.