
U.S Defense Warns of 3 New Malware Used by North Korean Hackers

by Cyber360 News
May 13, 2020
in Cyber Attacks

Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers.

Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malware variants are capable of remote reconnaissance and exfiltration of sensitive information from target systems, according to a joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD).

The three new malware strains are the latest addition to a list of over 20 malware samples, including BISTROMATH, SLICKSHOES, HOPLIGHT, and ELECTRICFISH, among others, that the security agencies have identified as part of a series of malicious cyber activity by the North Korean government, which they call Hidden Cobra and which is widely known by the moniker Lazarus Group.

Full-Featured Trojans

COPPERHEDGE, the first of the three new variants, is a full-featured Remote Access Tool (RAT) capable of running arbitrary commands, performing system reconnaissance, and exfiltrating data. It’s being used by advanced threat actors to target cryptocurrency exchanges and related entities. Six different versions of COPPERHEDGE have been identified.

TAINTEDSCRIBE functions as a backdoor implant that masquerades as Microsoft’s Narrator screen reader utility to download malicious payloads from a command-and-control (C2) server, upload and execute files, and even create and terminate processes.

Lastly, PEBBLEDASH, like TAINTEDSCRIBE, is another trojan with capabilities to “download, upload, delete, and execute files; enable Windows CLI access; create and terminate processes; perform target system enumeration.”

A Significant Cyber Espionage Threat

The WannaCry ransomware infection of 2017, also known as Wanna Decryptor, leveraged a Windows SMB exploit, dubbed EternalBlue, that allowed a remote hacker to hijack unpatched Windows computers in return for Bitcoin payments of up to $600. The attack has since been traced to Hidden Cobra.

With the Lazarus Group responsible for the theft of more than $571 million worth of cryptocurrency from online exchanges, the financially-motivated attacks led the US Treasury to sanction the group and its two off-shoots, Bluenoroff and Andariel, last September.

Then, earlier this March, the US Department of Justice (DoJ) charged two Chinese nationals working on behalf of the North Korean threat actors for allegedly laundering over $100 million worth of the stolen cryptocurrency using prepaid Apple iTunes gift cards.

Last month, the US government issued guidance on the ‘significant cyber threat’ posed by North Korean state-sponsored hackers to global banking and financial institutions, in addition to offering a monetary reward of up to $5 million for information about past or ongoing illicit DPRK activities in the cyber realm.

“The DPRK’s malicious cyber activities threaten the United States and the broader international community and, in particular, pose a significant threat to the integrity and stability of the international financial system,” the advisory cautioned.

“Under the pressure of robust US and UN sanctions, the DPRK has increasingly relied on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programs.”
