The Hidden Cobra group(North Korean government hackers) has been busy targeting victims for the last eight years. they are use Malicious tool as like DDos botent , keyloggers, RATs(remote access tool) and wiper malware.
The group tends to target old runing machine and unsupported versions of microshoft windows. It has also exploited Adobe Flash Player vulnerabilities and Microsoft Silverlight to get a toehold in environments. Organizations are advised to update to the newest version and patch level; if Flash and Silverlight are no longer needed, then push them to the curb and get those apps is off the of systems.
The FBI investigate and found , the 663 IP addresses listed in the IOC are being used by Hidden Cobra for network exploitation. DHS and FBI want network administrators to add those source and destination IPs to their watchlists to determine if there has been malicious activity within their organizations. The alert also includes YARA rules and network signatures created through a “comprehensive vetting process.”
Read full news article