Archive for the ‘North Korea’ Category

North Korea reveals explosive HIV outbreak—after claiming to be disease-free

June 25th, 2019
This undated picture released by North Korea's official Korean Central News Agency (KCNA) on October 18, 2016, shows North Korean leader Kim Jong-Un (C) inspecting the newly built Ryugyong General Ophthalmic Hospital in Pyongyang.

Enlarge / This undated picture released by North Korea's official Korean Central News Agency (KCNA) on October 18, 2016, shows North Korean leader Kim Jong-Un (C) inspecting the newly built Ryugyong General Ophthalmic Hospital in Pyongyang. (credit: Getty | KCNA)

North Korea is experiencing an explosive outbreak of HIV amid limited access to diagnostic testing and treatments, according to an exclusive report by Science.

Independent researchers and government health officials tell the outlet that the isolated East Asian country confirmed its first HIV case in 1999 and has quietly watched infections balloon to over 8,300 cases in the last few years. The researchers and North Korean officials have submitted a report on the matter to the new medical preprint server medRxiv, which is scheduled to go live on Tuesday, June 25.

The case estimate stands in stark contrast to a celebration in Pyongyang last year on December 1—annual World AIDS Day—in which government officials declared that North Korea is an “AIDS-free zone” and that there is “not a single AIDS patient” in the country.

Read 4 remaining paragraphs | Comments

Posted in HIV, HIV/AIDS, Infectious disease, North Korea, outbreak, preprint, public health, sanctions, science | Comments (0)

North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data

May 10th, 2019
The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by North Korean government and known to launch cyber attacks against media

Posted in Cyber Attack, data exfiltration, hacking news, North Korea, North Korean hackers, proxy tool | Comments (0)

Researchers Link ‘Sharpshooter’ Cyber Attacks to North Korean Hackers

March 4th, 2019
Security researchers have finally, with "high confidence," linked a previously discovered global cyber espionage campaign targeting critical infrastructure around the world to a North Korean APT hacking group. Thanks to the new evidence collected by researchers after analyzing a command-and-control (C2) server involved in the espionage campaign and seized by law enforcement. Dubbed Operation

Posted in Cyber Attack, cyber espionage, Lazarus Group, malware, North Korea, North Korean hackers, South Korea | Comments (0)

FBI Mapping ‘Joanap Malware’ Victims to Disrupt the North Korean Botnet

January 31st, 2019
The United States Department of Justice (DoJ) announced Wednesday its effort to "map and further disrupt" a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade. Dubbed Joanap, the botnet is believed to be part of "Hidden Cobra"—an Advanced Persistent Threat (APT) actors' group often known as Lazarus Group and Guardians of

Posted in Botnet, Brambul malware, Cyber Attack, FBI, Hidden Cobra Hackers, Joanap botnet, Lazarus Group, malware, North Korea, North Korean hackers | Comments (0)

FBI, Air Force investigators mapped North Korean botnet to aid shutdown

January 31st, 2019
Stylized photograph of a suspicious character at a laptop.

Enlarge / Computer Hacker (credit: ilkaydede / iStock / GettyImages)

On January 30, the US Department of Justice announced that it, the Federal Bureau of Investigation, and the Air Force Office of Special Investigations were engaged in a campaign to "map and further disrupt" a botnet tied to North Korean intelligence activities detailed in an indictment unsealed last September. Search warrants obtained by the FBI and AFOSI allowed the agencies to essentially join the botnet, creating servers that mimicked the beacons of the malware.

"While the Joanap botnet was identified years ago and can be defeated with antivirus software," said United States Attorney Nick Hanna, "we identified numerous unprotected computers that hosted the malware underlying the botnet. The search warrants and court orders announced today as part of our efforts to eradicate this botnet are just one of the many tools we will use to prevent cybercriminals from using botnets to stage damaging computer intrusions.”

Joanap is a remote access tool (RAT) identified as part of "Hidden Cobra", the Department of Homeland Security designator for the North Korean hacking operation also known as the Lazarus Group. The same group has been tied to the WannaCry worm and the hacking of Sony Motion Pictures. Joanap's spread dates back to 2009, when it was distributed by Brambul, a Server Message Block (SMB) file-sharing protocol worm. Joanap and Brambul were recovered from computers of the victims of the campaigns listed in the indictment of Park Jin Hyok in September.

Read 4 remaining paragraphs | Comments

Posted in Biz & IT, Botnet, DOJ, FBI, hidden cobra, Lazarus Group, North Korea, Policy, usdoj | Comments (0)