Information Security News mailing list archives
North Korean Hidden Cobra hackers drop Hoplight Trojan
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 1 Nov 2019 08:02:45 +0000 (UTC)
https://www.itnews.com.au/news/north-korean-hidden-cobra-hackers-drop-hoplight-trojan-533290 By Juha Saarinen itnews.com.au November 1, 2019 Pyongyang malware spreaders behind WannaCry strike again.The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about an ongoing Trojan malware campaign, believed to be launched by the North Korean government.
In conjunction with the Federal Bureau of Investigation and the US Department of Defense, CISA said the agencies had identified the Hoplight Trojan, which is a 32-bit Windows portable executable.
Hoplight collects system information about target computers when it runs.Information collected includes operating system version, storage volumes including enumeration of drives and partitions, and the time.
Analysis by CISA showed that Hoplight can also read, write and move files, create and terminate system processes as well as injecting data into them.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- North Korean Hidden Cobra hackers drop Hoplight Trojan InfoSec News (Nov 01)