Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

New disk wiper malware linked to attacks in South Korea, researchers say

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 1 Jul 2013 06:13:06 +0000 (UTC)
https://www.computerworld.com/s/article/9240440/New_disk_wiper_malware_linked_to_attacks_in_South_Korea_researchers_say

By Lucian Constantin
IDG News Service
June 28, 2013
A new piece of malware designed to delete files from hard disk drives and render computers unable to boot targets South Korean users, according to researchers from security firm Symantec.
The malware is similar to the Jokra Trojan program that was used in March to wipe the hard drives of computers belonging to several banks and TV broadcasters in South Korea, leading to significant disruptions of their operations.
The attack in March was attributed by security experts to a hacker gang called "DarkSeoul" that's also believed to be responsible for the distributed denial-of-service attacks from Tuesday against South Korean websites, including that of South Korean President Park Guen-hye.
The new hard-drive wiper malware is called Trojan.Korhigh and was found by Symantec researchers during their investigations into cyberattacks in South Korea. "Trojan.Korhigh has the functionality to systematically delete files and overwrite the Master Boot Record (MBR) on the compromised computer, rendering it unusable," the Symantec researchers said Thursday in a blog post. 

[...]



--
Visit the new and improved InfoSec News website
http://www.infosecnews.org/
Previous By Date Next
Previous By Thread Next

Current thread: