Joanap
Joanap is a remote access tool, a type of malware used by the government of North Korea. It is two-stage malware, meaning it is "dropped" by another piece of software (in this case the Brambul worm, which was part of the charges against Park Jin Hyok in 2018). Joanap establishes peer-to-peer communications and is used to manage botnets that can enable other operations. On compromised Windows devices it allows data exfiltration, dropping and running secondary payloads, initialization of proxy communications, file management, process management, creation/deletion of directories, and node management. The US government believes HIDDEN COBRA (a US government term for malicious cyber activity conducted by North Korea) has most li ...


Brambul
Brambul is an SMB protocol computer worm that decrypts and automatically moves from one computer to a second computer. It is responsible for the dropping of the Joanap botnet. History: Brambul was first discovered in 2009 and has not had a disclosure prior to its notoriety. It was observed by cybersecurity firms and was not an extensive subject. Sony hack (Late 2014): Brambul was among the malware identified during the Sony Pictures hack. Investigation (Early 2019): Brambul and the Joanap botnet have both been shut down via a court order. Cycle: The computer worm has the ability to automatically scan IP addresses and decrypt passwords including, but not limited to the following. System drive share: Brambul will share information of the system to the cyberattacker. Information shared includes the IP address ...


Remote Access Tool
In computing, the term remote desktop refers to a software- or operating system feature that allows a personal computer's desktop environment to be run remotely off of one system (usually a PC, but the concept applies equally to a server or a smartphone), while being displayed on a separate client device. Remote desktop applications have varying features. Some allow attaching to an existing user's session and "remote controlling", either displaying the remote control session or blanking the screen. Taking over a desktop remotely is a form of remote administration. Overview: Remote access can also be explained as the remote control of a computer by using another device connected via the internet or another network. This is widely used by many computer manufacturers and large businesses' help desks for technical troubleshooting of their customers' problems. Remote desktop software captures the mouse and keyboard inputs from the local computer (client) and sends them to the rem ...


Malware
Malware (a portmanteau for malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. By contrast, software that causes harm due to some deficiency is typically described as a software bug. Malware poses serious problems to individuals and businesses on the Internet. According to Symantec's 2018 Internet Security Threat Report (ISTR), the number of malware variants increased to 669,947,865 in 2017, which is twice as many malware variants as in 2016. Cybercrime, which includes malware attacks as well as other crimes committed by computer, was predicted to cost the world economy $6 trillion USD in 2021, and is increasing at a rate of 15% per year. Many types of malware exist, including computer viruses, worms, Trojan horses, ...


North Korea
North Korea, officially the Democratic People's Republic of Korea (DPRK), is a country in East Asia. It constitutes the northern half of the Korean Peninsula and shares borders with China and Russia to the north, at the Yalu (Amnok) and Tumen rivers, and South Korea to the south at the Korean Demilitarized Zone. North Korea's border with South Korea is a disputed border as both countries claim the entirety of the Korean Peninsula. The country's western border is formed by the Yellow Sea, while its eastern border is defined by the Sea of Japan. North Korea, like South Korea, its southern counterpart, claims to be the legitimate government of the entire peninsula and adjacent islands. Pyongyang is the capital and largest city. In 1910, Korea was annexed by the Empire of Japan. In 1945, after the Japanese surrender at the end ...


Park Jin Hyok
Park Jin-Hyok is a North Korean programmer and hacker. He is best known for his alleged involvement in some of the costliest computer intrusions in history. Park is on the FBI's wanted list. North Korea denies his existence. Life and career. Early life: Park attended the Kim Chaek University of Technology in Pyongyang. He has traveled to China in the past and conducted IT work for the North Korean company "Chosun Expo" in addition to activities conducted on behalf of North Korea's Reconnaissance General Bureau. Lazarus group and computer hacking: Park is a member of a North Korean government-funded hacking team known as “Lazarus Group (or APT 38)” and worked for Chosun Expo Joint Venture (aka Korea Expo Joint Venture), a North Korean government front company, to support the North Korean government’s malicious cyber actions. Chosun is affiliated with Lab 110, a component of North Korea's military intelligence. Expo Joint Venture had offices in China (PRC) and ...


Botnets
A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation. Overview: A botnet is a logical collection of Internet-connected devices, such as computers, smartphones or Internet of things (IoT) devices whose security has been breached and control ceded to a third party. Each compromised device, known as a "bot," is created when a device is penetrated by software from a malware (malicious software) distribution. The controller of a botnet is able to direct the activities of these com ...


Windows
Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for servers, and Windows IoT for embedded systems. Defunct Windows families include Windows 9x, Windows Mobile, and Windows Phone. The first version of Windows was released on November 20, 1985, as a graphical operating system shell for MS-DOS in response to the growing interest in graphical user interfaces (GUIs). Windows is the most popular desktop operating system in the world, with 75% market share, according to StatCounter. However, Windows is not the most used operating system when including both mobile and desktop OSes, due to Android's massive growth. The most recent version of Windows is Windows 11 for consumer PCs and tablets, Windows 11 Enterprise for corporations, and Windows Server 2022 for servers. Genealogy: By marketing ...


Data Exfiltration
Data exfiltration occurs when malware and/or a malicious actor carries out an unauthorized data transfer from a computer. It is also commonly called data extrusion or data exportation. Data exfiltration is also considered a form of data theft. Since the year 2000, a number of data exfiltration efforts severely damaged the consumer confidence, corporate valuation, and intellectual property of businesses and national security of governments across the world. Types of exfiltrated data: In some data exfiltration scenarios, a large amount of aggregated data may be exfiltrated. However, in these and other scenarios, it is likely that certain types of data may be targeted. Types of data that are targeted include: * Usernames, associated p ...




Payload (computing)
In computing and telecommunications, the payload is the part of transmitted data that is the actual intended message. Headers and metadata are sent only to enable payload delivery. In the context of a computer virus or worm, the payload is the portion of the malware which performs malicious action. The term is borrowed from transportation, where "payload" refers to the part of the load that "pays" for transportation. Networking: In computer networking, data to be transmitted is the payload. It is almost always encapsulated in some type of frame format, composed of framing bits and a frame check sequence. Examples are Ethernet frames, Point-to-Point Protocol (PPP) frames, Fibre Channel frames, and V.42 modem frames. Programming: In computer programming, the most common usage of the term is in the context of message protocols, to differentiate the protocol overhead from the actual data. For example, a JSON web service response might be: The string "Hello, world!" ...


Proxy Server
In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. Instead of connecting directly to a server that can fulfill a request for a resource, such as a file or web page, the client directs the request to the proxy server, which evaluates the request and performs the required network transactions. This serves as a method to simplify or control the complexity of the request, or provide additional benefits such as load balancing, privacy, or security. Proxies were devised to add structure and encapsulation to distributed systems. A proxy server thus functions on behalf of the client when requesting service, potentially masking the true origin of the request to the resource server. Types: A proxy server may reside on the user's local computer, or at any point between the user's computer and destination servers on the Internet. A proxy server that passes unmodified r ...


Lazarus Group
Lazarus Group (also known by other monikers such as Guardians of Peace or Whois Team) is a cybercrime group made up of an unknown number of individuals run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra (used by the United States Department of Homeland Security to refer to malicious cyber activity by the North Korean government in general) and Zinc (by Microsoft). The Lazarus Group has strong links to North Korea. The United States Federal Bureau of Investigation says that the Lazarus Group is a North Korean "state-sponsored hacking organization". According to North Korean defector Kim Kuk-song, the unit is internally k ...


Crime In North Korea
Crime is present in various forms in North Korea, officially known as the Democratic People's Republic of Korea (DPRK). Crime by type. Murder: Many people in North Korea are stricken with poverty and as a result, often resort to extreme measures in order to survive. Several defectors have reported hearing rumours that murder and cannibalism are rife in the country; these rumours first arose during the Great Famine of 1994 to 1998. The Korea Institute for National Unification's 2014 "White Paper on Human Rights in North Korea" lists twelve public executions between 2004 and 2010 for the crime of murder. Murder victims included lovers, a spouse, a creditor, and a hospital administrator. Political offenses: In North Korea, any perceived criticism of the country's political leaders is seen as a grave offense. Treason is also taken very seriously; traitorous behaviour may include attempting to escape to South Korea, or simply praising any aspect of South Korean culture. Crossing t ...