South Korea found malicious code in the system of their military cyber command center, and North Korea is their number one suspect in the hack. It is unclear how the code got into the system, but it was targeting a “vaccine routing server” on the cyber command network, which provides additional security to approximately 20,0000 military computers that access the internet.
An investigation is underway to identify where the attack originated from. It has yet to be confirmed, but there are indications that it came from North Korea.
Komplex, a new Trojan, has been identified by security researchers. It has the ability to download, execute, and delete files from infected Mac OS X machines. The malware spreads through phishing emails about Russia’s space program, which includes a 17-page PDF document that’s actually a package of tools that attempts to communicate with creators’ command-and-control servers. It includes sending back data on the version, username, and process list running on the infected system.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.