Feds reveal technical details of North Korea’s cyber attacks

North Korea has been running a hacking campaign targeting aerospace, telecommunications and financial industries in the US since 2016, according to alerts issued by the government. Homeland Security and the FBI have released the technical details of what they say are North Korean-sponsored cyber attacks in an effort to help companies protect themselves. The alerts contain IP addresses associated with Volgmer, one of the backdoor Trojans the hackers have been using for years.

They also contain info on the FALLCHILL malware North Korean hackers have reportedly been using to compromise networks in the aforementioned sectors. FALLCHILL gains entry into a computer when a user visits an infected website and unwittingly downloads it. It could also come as a secondary payload brought about by another malware that had infected the system. Once it’s in, FALLCHILL can retrieve info, as well as execute, terminate and move processes and files. The malware can also clean up after itself, making it hard to detect its presence.

According to the feds, both Volgmer and FALLCHILL are part of North Korea’s “Hidden Cobra” program, which was created to deploy cyber attacks against enemy states. The US government had already issued a warning about Hidden Cobra earlier this year, claiming that it’s been infiltrating media, financial, aerospace and critical infrastructure sectors in the US and around the globe since 2009.

If the name doesn’t exactly sound familiar, it’s because they’re apparently more widely known as the Guardians of Peace — the group that claimed responsibility for the massive Sony Pictures hack in 2014 — and the Lazarus Group. North Korea, however, continues to deny all the hacking allegations thrown at it, including the attack on Sony Pictures and the theft of F-15 fighter jet wings’ blueprints from South Korea’s computers.

Source: Homeland Security, Reuters

Engadget RSS Feed

Post Author: martin

Martin is an enthusiastic programmer, a webdeveloper and a young entrepreneur. He is intereted into computers for a long time. In the age of 10 he has programmed his first website and since then he has been working on web technologies until now. He is the Founder and Editor-in-Chief of BriefNews.eu and PCHealthBoost.info Online Magazines. His colleagues appreciate him as a passionate workhorse, a fan of new technologies, an eternal optimist and a dreamer, but especially the soul of the team for whom he can do anything in the world.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.