DNA - Sputnik International

Hacking Alert: US Warns Against North Korean ‘Hidden Cobra’ Cyber Attacks

A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. © REUTERS / Kacper Pempel/Illustration
Washington has issued a hacking alert for websites associated with the media, aerospace industries, financial networks and key infrastructure, warning of cyber attacks from North Korean sources.

A cyber alert issued by the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) warned against a malicious attack known as "Hidden Cobra" from locations within the Democratic People's Republic of Korea (DPRK).

The Hidden Cobra malware is associated with two better-known purveyors of malicious online activity — Lazarus Group and Guardians of the Peace — which private sector experts have linked to cyber attacks including the 2014 Sony hack, according to Reuters.

The FBI and the DHS detailed that internet protocol (IP) addresses previously associated with malware referred to as "DeltaCharlie," a software tool known to have been used by Pyongyang to run distributed denial-of-service (DDoS) botnet attacks, were associated with Hidden Cobra, according to the alert cited by Korea Times.

"If users or administrators detect the custom tools indicative of HIDDEN COBRA, these tools should be immediately flagged, reported to the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and given highest priority for enhanced mitigation," the alert said, according to Korea Times.

Cyber security experts have begun ringing alarm bells, noting a sharp uptick in malicious online activities from the DPRK.

A cybersecurity analyst with the private company FireEye stated that his firm was on alert due to Pyongyang's increasingly aggressive cyberattacks, including attempted hacks on South Korean finance, energy and transportation networks that give the impression of advance reconnaissance presaging a major attack.

The increased activity from the DPRK "suggests they are preparing for something fairly significant," the analyst said, cited by Japan Times.

Also included in the rare US cyber alert are detailed explanations including indicators of compromise (IOCs), descriptions of the malware, key network signatures to be flagged, and "host-based" rules to assist cyber commandos in identifying, containing and destroying malicious network activities, according to Yonhap.

Cyber experts announced last month that Lazarus was thought to be behind the WannaCry ransomware attack that infected more than 300,000 Windows computers around the globe, describing the connection as "highly likely," according to Reuters.
