Threatwatch

DHS, FBI Warn of Tools Used By North Korean Hacking Group

Denial-of-service attack

The Homeland Security Department and FBI issued a joint technical alert Tuesday, detailing the tools and botnet infrastructure associated with cyber actors of the North Korean government.

The agencies refer to malicious activity by the North Korean government as Hidden Cobra, though other security firms have called it the Lazarus Group and the Guardians of Peace. The alert states the actors are targeting media, aerospace, financial and critical infrastructure sectors in the U.S. and globally with malware called DeltaCharlie that manages its distributed denial-of-service infrastructure.

Hidden Cobra often targets older, unsupported Microsoft operating systems and Adobe Flash vulnerabilities. The group sometimes steals data while other attacks are disruptive, the alert states.

The alert includes indicators of compromise, malware descriptions, network signatures, and host-based rules to detect activity, and urges any organization that does detect it to let DHS' National Cybersecurity and Communications Integration Center or the FBI's Cyber Watch know.

sector

Defense Industrial Base; Financial Services; Media; Other Critical Infrastructure

reported

June 13, 2017

reported by

Department of Homeland Security

number affected

Unknown

location of breach

Unknown

perpetrators

North Korean Hackers

location of perpetrators

North Korea

date breach occurred

Unknown

date breach detected

Unknown