Archive for the ‘FBI’ Category
On January 30, the US Department of Justice announced that it, the Federal Bureau of Investigation, and the Air Force Office of Special Investigations were engaged in a campaign to "map and further disrupt" a botnet tied to North Korean intelligence activities detailed in an indictment unsealed last September. Search warrants obtained by the FBI and AFOSI allowed the agencies to essentially join the botnet, creating servers that mimicked the beacons of the malware.
"While the Joanap botnet was identified years ago and can be defeated with antivirus software," said United States Attorney Nick Hanna, "we identified numerous unprotected computers that hosted the malware underlying the botnet. The search warrants and court orders announced today as part of our efforts to eradicate this botnet are just one of the many tools we will use to prevent cybercriminals from using botnets to stage damaging computer intrusions.”
Joanap is a remote access tool (RAT) identified as part of "Hidden Cobra", the Department of Homeland Security designator for the North Korean hacking operation also known as the Lazarus Group. The same group has been tied to the WannaCry worm and the hacking of Sony Motion Pictures. Joanap's spread dates back to 2009, when it was distributed by Brambul, a Server Message Block (SMB) file-sharing protocol worm. Joanap and Brambul were recovered from computers of the victims of the campaigns listed in the indictment of Park Jin Hyok in September.
The American Civil Liberties Union, along with Privacy International, a similar organization based in the United Kingdom, have now sued 11 federal agencies, demanding records about how those agencies engage in what is often called "lawful hacking."
The activist groups filed Freedom of Information Act requests to the FBI, the Drug Enforcement Agency, and nine others. None responded in a substantive way.
"Law enforcement use of hacking presents a unique threat to individual privacy," the ACLU argues in its lawsuit, which was filed Friday in federal court in New York state.
The Federal Bureau of Investigation is investigating the use of stolen identities in public comments on the government's repeal of net neutrality rules, BuzzFeed News reported Saturday.
The investigation focuses on "whether crimes were committed when potentially millions of people's identities were posted to the FCC's website without their permission, falsely attributing to them opinions about net neutrality rules," the report said.
"Two organizations told BuzzFeed News, each on condition that they not be named, that the FBI delivered subpoenas to them related to the comments," BuzzFeed wrote.