US issues fresh alert on North Korean malware campaigns

Date:

Share post:

spot_imgspot_img
San Francisco, May 31 (IANS) The US has issued a fresh alert on malicious cyber activity by North Korea, warning people that two families of malware — referred to as Joanap and Brambul — may be using the Internet Protocol (IP) addresses to maintain a presence on victims’ networks and enable network exploitation.

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released the joint Technical Alert (TA) on Wednesday, according to the US Computer Emergency Readiness Team (US-CERT), part of the DHS.

Working with US government partners, DHS and FBI identified the IP addresses and other indicators of compromise associated with the two families of malware used by the North Korean government.

Joanap is a remote access tool (RAT) used to establish peer-to-peer communications and to manage botnets designed to enable other operations.

Brambul malware is a malicious Windows 32-bit Server Message Block (SMB) worm that functions as a service dynamic link library file or a portable executable file often dropped and installed onto victims’ networks by dropper malware.

The US-CERT said that the Department of Homeland Security and FBI are distributing the affected IP addresses and other indicators of compromise to enable network defence and reduce exposure to any North Korean government malicious cyber activity.

The US government refers to malicious cyber activity by the North Korean government as Hidden Cobra.

Hidden Cobra actors have likely been using both Joanap and Brambul malware since at least 2009 to target multiple victims globally and in the US — including the media, aerospace, financial, and critical infrastructure sectors, the US-CERT said citing reporting from its trusted third parties.

spot_imgspot_img

Related articles

Rs 79,459 crore Rajasthan refinery to boost India’s energy self-reliance: Hardeep Puri

New Delhi, July 4: Union Petroleum and Natural Gas Minister Hardeep Singh Puri on Saturday described India's first...

Parliament’s Monsoon Session from July 20, key Bills likely to be tabled

New Delhi, July 4: Union Parliamentary Affairs Minister Kiren Rijiju on Saturday announced that the Monsoon Session will...

Fresh blow to Mamata as Trinamool’s Bengal chief quits hours after rebels seize party HQ

Kolkata, July 4: The crisis in the Trinamool Congress escalated as its newly elected West Bengal president, Chandrima...

Record defence exports proof of global confidence in ‘Make in India’ platforms: Rajnath Singh

New Delhi, July 4: Annual defence production touched an all-time high of Rs 1.78 lakh crore in financial...