Reader Comments

Feds reveal technical details of North Korea's cyber attacks

by Terrell Bronner (2019-08-29)

스포츠토토 -text c-gray-1" >North Korea has been running a hacking campaign targeting aerospace, telecommunications and financial industries in the US since 2016, according to alerts issued by the government. Homeland Security and the FBI have released the technical details of what they say are North Korean-sponsored cyber attacks in an effort to help companies protect themselves. The alerts contain IP addresses associated with Volgmer, one of the backdoor Trojans the hackers have been using for years.

They also contain info on the FALLCHILL malware North Korean hackers have reportedly been using to compromise networks in the aforementioned sectors. FALLCHILL gains entry into a computer when a user visits an infected website and unwittingly downloads it. It could also come as a secondary payload brought about by another malware that had infected the system. Once it's in, FALLCHILL can retrieve info, as well as execute, terminate and move processes and files. The malware can also clean up after itself, making it hard to detect its presence.

According to the feds, both Volgmer and FALLCHILL are part of North Korea's "Hidden Cobra" program, which was created to deploy cyber attacks against enemy states. The US government had already issued a warning about Hidden Cobra earlier this year, claiming that it's been infiltrating media, financial, aerospace and critical infrastructure sectors in the US and around the globe since 2009.

If the name doesn't exactly sound familiar, it's because they're apparently more widely known as the Guardians of Peace -- the group that claimed responsibility for the massive Sony Pictures hack in 2014 -- and the Lazarus Group. North Korea, however, continues to deny all the hacking allegations thrown at it, including the attack on Sony Pictures and the theft of F-15 fighter jet wings' blueprints from South Korea's computers.

Source: Homeland Security, Reuters In this article: cyberattacks, gear, hackingcampaign, northkorea, security All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. Comments 499 Shares Share Tweet Share Save Popular on Engadget
The best consoles, games and accessories for students
View Microsoft HoloLens 2 will go on sale in September
View 'Pokémon Masters' is out for Android and iOS
View LG's smart fridge also makes crystal-clear ice for cocktails
View Apple will reportedly start online sales in India
View From around the web