Friday, June 16, 2017
US-CERT Warning on North Korean DDoS Botnet
The U.S. Computer Emergency Readiness Team (US-CERT) has issued alert TA17-164A on North Korea's HIDDEN COBRA cyberwarfare unit and its efforts to build botnets for DDoS attacks. This page includes links to indicators of compromise (IoCs) for system administrators to check. US-CERT says that people who find evidence of these tools should report it to either the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch). The alert identifies tools and capabilities including DDoS botnets, keyloggers, remote access tools, and wiper malware. It says that HIDDEN COBRA primarily targets older versions of Microsoft operating systems as well as Adobe Flash.