Crouching cyber, Hidden Cobra: Crack North Korean hack team ready to strike, says US-CERT

The Norks are coming and it won't be fun, according to a new bulletin from the United States Computer Emergency Readiness Team (US-CERT). The advisory warns that a North Korean hacking team, dubbed Hidden Cobra, is actively targeting media, aerospace, financial, and critical infrastructure sectors in the US and around the …

  1. Andy Non

    Vulnerabilities in Adobe flash player?

    That's a surprise.

  2. Anonymous Coward

    If indeed it is hidden cobra could I suggest a name change as they aren't very well hidden?

    I'm also concerned at their credentials if they keep using the same IP addresses, I mean really, you're not going to hack through other systems and use them as stepping stones to hack?

    "CERT states that it believes Hidden Cobra was the source of the WannaCry aka WannaCrypt malware attacks"

    Sure, let's go with that, or Iran, or Russia, or anyone else you don't like or secretly do.

    1. Yet Another Anonymous coward Silver badge

      There are no Russian hackers, the Russians didn't try and hack the election and anybody saying they did is fired.

      The Russians are our friends, although we have never met them.

  3. Destroy All Monsters Silver badge

    The neverending stream of raw sewage from Murrica is nausea-inducing

    I had a good laugh earlier, as the Qatar-Saudi split-of-the-terror-supporters is now re-memed to be the work of ... "Russian Hackers"?

    The narrative blaming Russia for the Qatar split does not have any evidence to substantiate it, and Sen. Warren went out of her way to ensure none might be revealed today. It is worth pointing out, however, that President Trump personally took credit for the split himself when it first happened, crediting it to his visit to Saudi Arabia just days prior.

    Rather, it originates from Qatari state media having quoted the Qatari Emir saying something the Saudis didn’t like, and subsequently attributing the quote to “hackers.” US media outlets saw the word hackers, and naturally assumed Russia, and it appears that as with everything, this has quickly become something everyone is willing to assume is the case.

    Is there anything these Russian Hackers can't do? Can they manipulate base reality by the power of Peek and Poke alone? Was phish-multiplying Jesus actually secretly Russian? More on this ... after this message!

    (Maybe the Eurasian continent should start thinking about a first strike against the US with all that there is, a last-ditch effort to try to save the world from brainrot and insanity.)

  4. ma1010 Silver badge
    Paris Hilton

    Maybe this is silly, but here goes...

    IF there is any truth to this, and given that anybody in NK with Internet access is pretty much a state actor, how about just the rest of the world totally block NK off the Internet until they get a reasonable government? Add that to the "economic sanctions."

    Paris because maybe this is a dumb idea, but it seems possible to me.

    1. J. Cook Silver badge

      Re: Maybe this is silly, but here goes...

      I've blocked countries from my web servers for less. It's a valid, if draconian, tactic.

      It's possible, it's not _easy_.

      It'd require a lot of concerted effort from *every* ISP that has network links that cross country borders.

      You'd have an easier time herding cats whilst nailing jelly to a tree and juggling a pair of running chainsaws all at once. :)

      Beer, because I'm heading out the door to get one.

  5. Walter Bishop Silver badge

    North Korean malware aimed at American biz

    US-CERT being a branch of the Department of Homeland Security who couldn't tell their cyber-arse from their cyber-elbow. The real CERT being run out of Carnegie Mellon University.

    "CERT says it .. has identified IP addresses used by the Hidden Cobra team in their attacks."

    I don't understand how a state sponsored hacking crew are smart enough to hack a whole country but don't know how to disguise the source IP address.

    1. collinsl

      Re: North Korean malware aimed at American biz

      Wouldn't it be funny if that IP address was actually one used by US-CERT?

  6. Anonymous Coward

    I would have some sympathy .....

    however if the US software houses produced decent code then they wouldn't have such a large attack surface.

    Before Starwars Rogue One came out I always thought it was M$ who built the deathstar

  7. Adam 1 Silver badge

    and here I was ....

    ... thinking that Wannacry was simply an NSA exploit that escaped and got taped onto some ransomware delivery platform by some crooks.

    Whilst I'm happy to take on their word that such crooks operate out of the hermit kingdom, perhaps a different take out lesson is to not hoard security vulnerabilities.

    1. Yet Another Anonymous coward Silver badge

      Re: and here I was ....

      We need to hoard more vulnerabilities to keep them out of the hands of N Korea

  8. bombastic bob Silver badge

    The hacking group is using botnet creation malware called DeltaCharlie

    snicker snicker snicker

    Kim Jong "Fatass" "Cartman" Un couldn't think up something BETTER?

    Does he even UNDERSTAND the implication of using 'Charlie' to describe their malware creator thingy?

    or am I just *THAT* old ?

    1. Rich 11 Silver badge

      Re: The hacking group is using botnet creation malware called DeltaCharlie

      In what passes for your grasp of US military history, are you confusing the Korean War with the Vietnam War?

