hhhh
Newsletter
Magazine Store
Home

>>

Technology

>>

Cyber security

>>

The U.S. Government Issues Ale...

CYBER SECURITY

The U.S. Government Issues Alert over Two New Malware Related To Hidden Cobra

The U.S. Government Issues Alert over Two New Malware Related To Hidden Cobra
The Silicon Review
01 June, 2018

The FBI and DHS have recently released a technical alert warning about two newly discovered malware that North Korean hacking group, Hidden Cobra are using to remotely penetrate systems and to steal sensitive data and credentials.

Being used by the notorious hacking group, the U.S. government code-named the malware as Joanap, which is a Remote Access Trojan (RAT) and Brambul, which is a Server Message Block (SMB) worm.

Often known as Lazarus Group and Guardians of Peace, Hidden Cobra is believed to be backed by the North Korean government. According to the U.S. government, known for launching attacks mostly against media organizations, aerospace, financial and critical infrastructure sectors across the world, the Hidden Cobra hackers have been using the two new pieces of malware since at least 2009.

This ill-famous hacking group was even associated with the nasty WannaCry ransomware attack that last year shut down hospitals and businesses and created havoc all across the globe. That’s not all! Hidden Cobra is also associated with the 2014 Sony Pictures hack, as well as the 2016 SWIFT Banking attack.

Joanap

According to the US-CERT, Joanap is a two-stage malware that establishes peer-to-peer communications allowing the hackers to remotely execute commands to pwn Windows device.

Joanap can compromise any system as a file either dropped via malware when downloaded from compromised sites or when someone opens malicious email attachments. According to an analysis of the Joanap infrastructure, the malware is found on 87 pwned network nodes in 17 countries including nations such as Brazil, China, Spain, Taiwan, Sweden, India, and Iran.

Brambul

Brambul is a brute-force authentication worm that pwns the Server Message Block (SMB) protocol and spread itself to other systems.

Spreads through SMB shares, the malicious Windows 32-bit SMB worm, Brambul is a dynamic link library file often dropped and installed onto victims' networks by dropper malware. Once Brambul is successful in gaining access to infected systems, the malware then communicates information about victim's systems to the Hidden Cobra hackers using email. The information includes the IP address and hostname as well as credentials of each victim's system.

MOST VIEWED ARTICLES

How To Start A College Essay About Yourself

Pitch Perfect: The Best Soccer Fields and Facilities in the MLS

How Webflow Development Can Revolutionize Your Marketing Strategy

Embracing Digital Transformation in Manufacturing and Inventory Management

EdTech Startups: Transforming Learning with Innovative Solutions

RECOMMENDED NEWS

AI titan Nvidia Chinese auto giants

AI titan Nvidia ramped up the collaboration w..
Interos One-Size-Fits-All Resilience Watchtower™

Interos ended One-Size-Fits-All supply chain ..
Aerospacelab Xona Space’s first navigation satellite

Aerospacelab was appointed to build Xona Spac..
DNX Ventures new Japan funds

DNX Ventures announced final close of new Jap..
Cohort announced for ScreenCraft Works cross-border mentoring programme

Cohort announced for ScreenCraft Works cross-..
U.S. Travel Executive Board Governance Committee

U.S. Travel announced new appointees to Execu..
Axis Bank US Dollar Fixed Deposits

Axis Bank launched digital US Dollar Fixed De..
Dolce&Gabbana first real estate project

Dolce&Gabbana unveiled details of its fir..
GeeTest

TOP NEWS

ASG expanded by opening a London office

Alternus Clean Energy and Acadia Energy partnered to develop 200 MW Microgrid Projects

US Science Agency debuted startup matchmaking program in Taiwan

Dallas’ Welker Properties launched Prophet Homes, aims to raise $100M with new fund

Joint EU-US-Armenia high level meeting happened in support of Armenia's resilience

YOU MAY ALSO LIKE

PUMA Studio announced opening in LA to create products and campaigns

Efficiency Redefined: Driving the Ford Lease Advantage

TotalEnergies expanded its Natural Gas production in Texas

Altice’s Patrick Drahi acquired Sotheby’s Auction House for $3.7 Billion

Mastercard and SAP Concur partnered to revolutionise expense management
GeeTest Protects Your Business From Hacking
ready to Protects Your website, mobile app, and api from bot threats
NOMINATE YOUR COMPANY NOW AND GET 10% OFF