APT28 Pulls Out New Malware Cannon

The notorious Russian cyberespionage group known as APT28, Fancy Bear and Sofacy is targeting government organizations using a new Trojan program called Cannon. Researchers from Palo Alto Networks detected new spear-phishing campaigns from APT28 at th…

North Korea reuses code in major hacks, researchers find

Most of Pyongyang’s highest-profile cyberattacks over the past decade were cobbled together with bits of reused code, overlapping networking infrastructure and the indelible fingerprint of North Korean military hackers, a pair of researchers have found. North Korea has come a long way since it first emerged on the global stage as a nascent cyber threat. As it grew in power, hit new targets and conducted malicious activities, Pyongyang didn’t need to reinvent the wheel. Instead, it built on previous successes, leveraging code from previous campaigns to build out future malware. After months of code analysis, Christiaan Beek and Jay Rosenberg, the two researchers, published blog posts outlining their findings, which trace reused code all the way from DDoS attacks launched by a fledgling outfit of North Korean hackers in 2009 to WannaCry, one of the world’s most crippling cyberattacks, launched last year by a North Korea-backed hacking group. […]

The post North Korea reuses code in major hacks, researchers find appeared first on Cyberscoop.


US Government warns of more North Korean malware attacks

Just days after the two countries signed a joint agreement at their unprecedented talks, the US Department of Homeland Security has issued a warning about more malware being used by the North Korean government against US organisations.

After Trump courts Kim, U.S. issues warning on North Korean malware

Days after the historic United States-North Korea summit, the Department of Homeland Security and FBI have warned U.S. industry about a malware variant tied to North Korean government hackers. The DHS-FBI report released Thursday on the malware, dubbed Typeframe, analyzes 11 samples, including infected Windows files and a malicious Microsoft Word document. “These files have the capability to download and install malware, install proxy and remote access Trojans, connect to command and control servers to receive additional instructions, and modify the victim’s firewall to allow incoming connections,” the report states. Pyongyang’s hackers have gotten considerably more advanced in recent years, allegedly carrying out brazen attacks on banks around the world. Ahead of the high-profile meeting this week between President Donald Trump and North Korean dictator Kim Jong Un, North Korean hackers were not letting up their activity, attacking companies in Asia, Europe, and the United States. The DHS-FBI report encourages computer users to report any […]

The post After Trump courts Kim, U.S. issues warning on North Korean malware appeared first on Cyberscoop.


Git Vulnerability Leads to Remote Code Execution

A new version of the widely used Git version control system fixes a vulnerability that allows malicious code repositories to execute code on client computers when being cloned. Originally created for Linux kernel development, Git is an open source too…

ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks

It’s analyzing the server, operated by the North Korea-sponsored APT, which was used to control the global GhostSecret espionage campaign affecting 17 countries.

US Government issues alert about North Korean “Hidden Cobra” cyber attacks

The FBI and US Department of Homeland Security have issued an alert that hackers have targeted the aerospace industry, financial services and critical infrastructure with a remote access trojan (RAT) to further exploit vulnerable networks.