
US government publishes details on North Korea’s HOPLIGHT malware

April 11, 2019

The US government published a security alert today about a new malware strain used by North Korean hackers, which it has named HOPLIGHT.

The report, authored by malware analysts from the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI), attributes the HOPLIGHT malware to HIDDEN COBRA, the US government’s designation for North Korea’s main government-backed hacking group, also referred to in news articles and cyber-security reports as the Lazarus Group.

Security alert warns of dangerous backdoor trojan

According to the joint DHS-FBI alert, HOPLIGHT appears to be a very powerful backdoor trojan.

On infected systems, the malware collects information about the target’s device and sends the data to a remote server. It can also receive commands from its command and control (C&C) server and execute various operations on infected hosts.

According to the DHS-FBI report, HOPLIGHT can:

  • Read, write, and move files
  • Enumerate system drives
  • Create and terminate processes
  • Inject code into running processes
  • Create, start, and stop services
  • Modify registry settings
  • Connect to a remote host
  • Upload and download files

The malware also uses a built-in proxy application to mask its communications with the remote command-and-control (C&C) server.

“The proxies have the ability to generate fake TLS handshake sessions using valid public SSL certificates, disguising network connections with remote malicious actors,” said DHS and FBI analysts.

HOPLIGHT appears to be new malware

The report includes digital signatures for nine files associated with the malware. None of the files were previously available on VirusTotal.

“The variants of HOPLIGHT malware attributed to North Korean malicious cyber activity are new, it has not been publicly released before today,” an official for the DHS’ Cybersecurity and Infrastructure Security Agency (CISA) told ZDNet.

“HOPLIGHT has been detected in use globally in a wide array of HIDDEN COBRA malicious activity, not specific to a particular critical infrastructure sector,” the official added.

Today’s HOPLIGHT report is the DHS and FBI’s sixteenth report on North Korean malware. The agencies previously released reports on WannaCry, DeltaCharlie (two reports), Volgmer, FALLCHILL, BANKSHOT, BADCALL, HARDRAIN, SHARPKNOT, an unnamed remote access trojan/worm, Joanap and Brambul, TYPEFRAME, KEYMARBLE, and FASTCash (two reports).

And all these reports appear to have paid off, in the long run.

“Generally, when CISA releases alerts on state-sponsored activity we receive some reports from infected victims,” the CISA official told ZDNet. “CISA recommends victims who observe malicious activity report it to the NCCIC or the FBI Cyber Watch.”

All the DHS’ previous reports are available on this page, including the one on HOPLIGHT, which also comes with indicators of compromise that organizations can use to scan their networks for traces of HOPLIGHT.

In January 2019, the DOJ, FBI, and US Air Force moved in to take down North Korea’s Joanap botnet.

Article updated with comments from CISA official.
