FBI Mapping ‘Joanap Malware’ Victims to Disrupt the North Korean Botnet

January 31, 2019

Credit: The Hacker News

The United States Department of Justice (DoJ) announced Wednesday its effort to “map and further disrupt” a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade.

Dubbed Joanap, the botnet is believed to be part of “Hidden Cobra,” an Advanced Persistent Threat (APT) actor group often known as Lazarus Group and Guardians of Peace and backed by the North Korean government.

Hidden Cobra is the same hacking group that has allegedly been associated with the WannaCry ransomware menace in 2016, the SWIFT Banking attack in 2016, as well as the Sony Motion Pictures hack in 2014.

Dating back to 2009, Joanap is a remote access tool (RAT) that lands on a victim’s system with the help of an SMB worm called Brambul, which crawls from one computer to another by brute-forcing Windows Server Message Block (SMB) file-sharing services using a list of common passwords.

Once there, Brambul downloads Joanap on the infected Windows computers, effectively opening a backdoor for its masterminds and giving them remote control of the network of infected Windows computers.
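
A defender's view of the spreading behaviour described above, as an added example that is not from the original article or the DoJ: it flags a source whose failed SMB logons fan out across several hosts within a short window, which separates worm-like crawling from a user mistyping a password. The event fields, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def _evt(ts, src, dst, ok):
    return {"time": datetime.fromisoformat(ts), "src": src, "dst": dst, "ok": ok}

# Constructed sample of SMB (TCP 445) network-logon results; all values invented.
SAMPLE_EVENTS = (
    # 10.0.0.23 walks three hosts, three guesses each: worm-like fan-out.
    [_evt(f"2019-01-30T09:00:{i:02d}", "10.0.0.23", f"10.0.0.{101 + i // 3}", False)
     for i in range(9)]
    # 10.0.0.50 mistypes a password three times at one file server.
    + [_evt(f"2019-01-30T09:10:{i:02d}", "10.0.0.50", "10.0.0.5", False) for i in range(3)]
    # 10.0.0.77 fails repeatedly against one host (e.g. a stale service credential).
    + [_evt(f"2019-01-30T09:20:{i:02d}", "10.0.0.77", "10.0.0.5", False) for i in range(8)]
    + [_evt("2019-01-30T09:30:00", "10.0.0.50", "10.0.0.5", True)]
)

def find_smb_fanout(events, window=timedelta(minutes=5), min_failures=6, min_targets=3):
    """Return {src: (failures, distinct_targets)} for sources whose failed SMB
    logons inside one sliding window reach both thresholds."""
    by_src = defaultdict(list)
    for e in events:
        if not e["ok"]:
            by_src[e["src"]].append(e)
    flagged = {}
    for src, fails in by_src.items():
        fails.sort(key=lambda e: e["time"])
        start = 0
        for end in range(len(fails)):
            # Shrink the window from the left until it spans at most `window`.
            while fails[end]["time"] - fails[start]["time"] > window:
                start += 1
            span = fails[start:end + 1]
            targets = {e["dst"] for e in span}
            if len(span) >= min_failures and len(targets) >= min_targets:
                # Keep the largest burst seen for this source.
                flagged[src] = max(flagged.get(src, (0, 0)), (len(span), len(targets)))
    return flagged

if __name__ == "__main__":
    for src, (n, t) in find_smb_fanout(SAMPLE_EVENTS).items():
        print(f"{src}: {n} failed SMB logons across {t} hosts")
```

Requiring several distinct targets is what keeps the single-server failures from 10.0.0.50 and 10.0.0.77 out of the result; lowering `min_targets` to 1 turns this into a plain brute-force counter.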

If You Want to Beat Them, Then First Join Them

Interestingly, computers infected by the Joanap botnet don’t take commands from a centralized command-and-control server; instead, the botnet relies on a peer-to-peer (P2P) communications infrastructure, making every infected computer a part of its command-and-control system.

Even though Joanap is currently being detected by many malware protection systems, including Windows Defender, the malware’s peer-to-peer (P2P) communications infrastructure still leaves large numbers of infected computers connected to the Internet.

So to identify infected hosts and take down the botnet, the FBI and the Air Force Office of Special Investigations (AFOSI) obtained legal search warrants that allowed the agencies to join the botnet by creating and running “intentionally infected” computers mimicking its peers to collect both technical and “limited” identifying information in an attempt to map them, the DoJ said in its press release.

“While the Joanap botnet was identified years ago and can be defeated with antivirus software, we identified numerous unprotected computers that hosted the malware underlying the botnet,” said U.S. Attorney Nicola T. Hanna.

“The search warrants and court orders announced today as part of our efforts to eradicate this botnet are just one of the many tools we will use to prevent cybercriminals from using botnets to stage damaging computer intrusions.”

The collected information about computers infected with the Joanap malware included IP addresses, port numbers, and connection timestamps, which allowed the FBI and AFOSI to build a map of the current Joanap botnet.

The agencies are now notifying victims of the presence of Joanap on their infected computers through their Internet Service Providers (ISPs) and even sending personal notifications to people who don’t have a router or firewall protecting their systems.

The US Justice Department and FBI will also coordinate the notification of overseas victims of the Joanap malware by sharing the data with the governments of other countries.

The efforts to disrupt the Joanap botnet began after the United States unsealed charges against a North Korean computer programmer named Park Jin Hyok in September last year for his role in masterminding the Sony Pictures and WannaCry ransomware attacks.

Joanap and Brambul were also recovered from computers of the victims of the campaigns listed in Hyok’s September indictment, suggesting that he aided the development of the Joanap botnet.


Credit: The Hacker News By: noreply@blogger.com (Swati Khandelwal)
