https://www.itnews.com.au/news/north-korean-hidden-cobra-hackers-drop-hoplight-trojan-533290
By Juha Saarinen
itnews.com.au
November 1, 2019
Pyongyang malware spreaders behind WannaCry strike again.
The United States Cybersecurity and Infrastructure Security Agency (CISA)
has issued an alert about an ongoing Trojan malware campaign, believed to
be launched by the North Korean government.
In conjunction with the Federal Bureau of Investigation and the US
Department of Defense, CISA said the agencies had identified the Hoplight
Trojan, which is a 32-bit Windows portable executable.
Hoplight collects system information about target computers when it runs.
Information collected includes operating system version, storage volumes
including enumeration of drives and partitions, and the time.
Analysis by CISA showed that Hoplight can also read, write and move files,
create and terminate system processes as well as injecting data into them.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
