Malware Tied to Suspected North Korean Hackers

(May 30 & 31, 2018)

The FBI and the US Department of Homeland Security (DHS) have released information via US-CERT about two malware familiesthe Joanap remote access tool (RAT) and the Brambul Server Message Block (SMB) wormthat appear to be linked to a North Korean hacking group known as Hidden Cobra. Both have been used in attacks against targets in the US and elsewhere around the world.

Courtesy of: (SANS Newsbites)

Read more in:

SC Magazine: FBI, DHS share intel on RAT and worm linked to North Korea

https://www.scmagazine.com/fbi-dhs-share-intel-on-rat-and-worm-linked-to-north-korea/article/769583/

US-CERT: HIDDEN COBRAJoanap Backdoor Trojan and Brambul Server Message Block Worm

https://www.us-cert.gov/ncas/alerts/TA18-149A

US-CERT: MAR-10135536-3 – HIDDEN COBRA RAT/Worm

https://www.us-cert.gov/ncas/analysis-reports/AR18-149A

Posted in News