U.S. claims North Korea has been silently infiltrating networks since 2009

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) claim North Korea is silently infiltrating the media, aerospace, financial, and critical infrastructure sectors both in and out of the United States using two known families of malware. They believe the attack has been underway since at least 2009 and is being conducted by a state-sponsored hacker group dubbed Hidden Cobra.

In a joint Technical Alert issued on Wednesday, the DHS and FBI claim that Hidden Cobra is using two pieces of malware in its campaign: a remote access tool called Joanap and a Server Message Block (SMB) worm named Brambul. The goal is to infiltrate networks, maintain a presence undetected, and send all collected information back to the hacker group.

“FBI has high confidence that Hidden Cobra actors are using the IP addresses — listed in this report’s IOC files — to maintain a presence on victims’ networks and enable network exploitation. DHS and FBI are distributing these IP addresses and other IOCs to enable network defense and reduce exposure to any North Korean government malicious cyber activity,” the report states. 

Joanap is typically the payload of another malware obtained through a compromised website or a malicious email attachment. It can establish a peer-to-peer network to create a botnet and accept commands from the hacker group. 

Outside the botnet aspect, Joanap is capable of file management on a compromised Windows device, process management, the creation and deletion of directories, and node management. The Technical Alert says once Joanap infects a PC, it creates a file to capture and store information such as the host IP address, the hostname, and the current system time. 

According to the report, an analysis of the infrastructure used by Joanap identified 87 compromised network nodes in 17 countries including Brazil, China, Egypt, Iran, Saudi Arabia, Sweden, and Taiwan.

Meanwhile, Brambul is a worm serving as a “dropper” malware payload obtained through compromised sites and infected files. Once executed, it will scan the local network for additional PCs and attempt to gain unauthorized access through the file-sharing feature built into Windows. This is done through brute-force password attacks using a list of embedded passwords.

If successful, Brambul will contact Hidden Cobra and relay the IP address, hostname, username, and password of each infiltrated PC. The hacker group can then remotely access the compromised PCs via the Windows file-sharing protocol (SMB) to harvest information, infect other PCs on the network, and more. 

While both pieces of malware can be troublesome for the mainstream web surfer, they could devastate corporations by obtaining proprietary and/or sensitive information, disrupting regular operations, and harming their reputation. The financial losses from eradicating the malware can be costly as well.

“DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware,” the report states. 

A downloadable copy of the indicators of compromise is available in CSV and STIX formats.
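The check the report recommends, comparing the published IP indicators against an organization's allocated address space, can be scripted. The following is an added example, not code from the Technical Alert or from DHS/FBI; the CSV column name `ip_address`, the sample rows, and the network ranges are constructed assumptions (documentation address ranges only), since the article does not describe the IOC file's layout.

```python
import csv
import io
import ipaddress

# Constructed sample input. The real IOC file's columns are not described in
# the article, so "ip_address" and "note" are assumed names.
SAMPLE_IOC_CSV = """ip_address,note
192.0.2.15,constructed
198.51.100.7,constructed
 203.0.113.200 ,constructed (padded)
not-an-ip,constructed (malformed)
2001:db8:10::5,constructed
192.0.2.15,constructed (duplicate)
"""

# Hypothetical address space allocated to the organization.
ORG_NETWORKS = ["192.0.2.0/24", "203.0.113.128/25", "2001:db8:10::/48"]


def find_iocs_in_allocated_space(csv_text, org_cidrs, column="ip_address"):
    """Return (hits, rejected). hits lists (ip, network) pairs, in file order,
    for indicators inside the organization's ranges; rejected lists raw values
    that did not parse as IP addresses and need manual review."""
    networks = [ipaddress.ip_network(cidr) for cidr in org_cidrs]
    hits, rejected, seen = [], [], set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        raw = (row.get(column) or "").strip()
        if not raw:
            continue
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            rejected.append(raw)  # do not silently drop unparseable indicators
            continue
        if addr in seen:          # report each indicator once
            continue
        seen.add(addr)
        for net in networks:
            # Only compare IPv4 with IPv4 and IPv6 with IPv6.
            if addr.version == net.version and addr in net:
                hits.append((str(addr), str(net)))
                break
    return hits, rejected


if __name__ == "__main__":
    matched, unparsed = find_iocs_in_allocated_space(SAMPLE_IOC_CSV, ORG_NETWORKS)
    for ip, net in matched:
        print(f"IOC {ip} is inside allocated range {net}")
    print("Needs manual review:", unparsed)
```

A hit means an address the report ties to Hidden Cobra infrastructure sits inside the organization's own space, which is the condition under which the report advises taking measures to remove the malware.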
