Feds reveal technical details of North Korea's cyber attacks

From Engadget - November 14, 2017

They also contain info on the FALLCHILL malware North Korean hackers have reportedly been using to compromise networks in the aforementioned sectors. FALLCHILL gains entry into a computer when a user visits an infected website and unwittingly downloads it. It can also arrive as a secondary payload delivered by other malware that has already infected the system. Once it's in, FALLCHILL can retrieve info, as well as execute, terminate and move processes and files. The malware can also clean up after itself, making its presence hard to detect.

According to the feds, both Volgmer and FALLCHILL are part of North Korea's "Hidden Cobra" program, which was created to deploy cyber attacks against enemy states. The US government had already issued a warning about Hidden Cobra earlier this year, claiming that it's been infiltrating media, financial, aerospace and critical infrastructure sectors in the US and around the globe since 2009.

