Monday, February 22, 01:27
Home security BLINDINGCAN: CISA warns of new North Korean malware

BLINDINGCAN: CISA warns of new North Korean malware

CISA BLINDINGCAN

Η CISA posted a warning about a new one malware, BLINDINGCAN, used by North Korean hackers.

This new malware was detected in targeted attacks American and foreign companies, operating in its field military defense and aerospace. These attacks have also been reported in her reports McAfee and ClearSky.

In all the attacks, the North Korean hackers appeared as recruiters of large companies, in order to reach employees in the desired Companies.

The employees-goals were called to go through a process interview, in which received malicious Office documents or PDF, used by North Korean hackers to install malware on computers of the victims.

The final payload in these attacks is the focus of CISA alert. This is a remote access trojan (RAT), which CISA calls BLINDINGCAN (in the ClearSky report is called DRATzarus).

North Korean malware

CISA experts say North Korean hackers used malware to gain access to victims' systems and gather information on key military and energy technologies.

This was possible through the advanced capabilities of BLINDINGCAN, which allow the following:

  • Retrieve information about all installed disks, including disk type and free disk space
  • Get operating system (OS) version information
  • Get information about the processor
  • Get a system name
  • Get information about your local IP address
  • Obtaining the MAC (media access control) address of the victims
  • Create, start and end a new process
  • Search, read, write, move and run files
  • Modify files
  • Remove malware from the infected system

The CISA notice includes indicators violation and other technical details that can help system administrators and security professionals scan their networks for signs of infection.

Is 35th time the US government issued a security warning for malicious activity of North Korean hackers. As of May 12, 2017, CISA has published reports of 31 malware by these hackers.

The government hackers North Korea is one of the most frequent threats which have targeted the US in recent years, along with Chinese, Iranian and Russian hacking groups.

In April, the Foreign Ministry of USA intensified its efforts to deter North Korean attacks by creating a $ 5 million rewards program for any information about them hackers and their activities.

In a report published last month, The U.S. military has revealed that many of North Korea's hackers act from abroad and not just from their country.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

How to make a Facetime Audio call

Tired of low quality cell phone calls? Thanks to FaceTime, you can make high-resolution calls if you use iPhone, iPad, ...

How to add special effects to Instagram messages

Did you know that you can make instant Instagram messages more impressive? Like any other Instagram feature, you can add special ...

Only 270 addresses are responsible for 55% of all money laundering

Cybercriminals who keep their money in cryptocurrencies tend to "launder" money through a small set of online services, according to ...

Twitter: Voice messages are coming! How do we send them?

Twitter will soon support voice messages in both iOS and Android applications. This means that you will be able to send ...

How to connect a Bluetooth headset to a Nintendo Switch

The Nintendo Switch has a headphone jack. However, most headphones have become wireless so you will need a way to connect them ...

How to hide your phone number in Telegram

If you wish to create a Telegram account, you must provide your telephone number. In this way, Telegram validates the ...

Google Assistant: How can you delete your recordings?

Google Assistant can make your daily life much easier. However, it also involves some privacy issues, as ...

Microsoft: Office 2021 / Office LTSC coming in the second half of 2021

Microsoft announced that the Microsoft Office Long Term Service Channel (LTSC) and Office 2021 will be released in 2021, for ...

How to quickly create QR codes with Bing

If you ever need to create a QR code, but you do not know how, Microsoft has an easy-to-use tool available in any program ...

Brave: Onion addresses leaked to DNS traffic

The Tor function included in the Brave web browser, allows users to access .onion dark web domains within ...