The Department of Justice (DOJ) has disclosed details of a fresh cyber attack launched on the critical infrastructure of the United States and is set to issue a warning soon to victims infected with the Joanap botnet, which was developed and launched by a hacking group funded by the North Korean government.
Recently, law enforcement issued a search warrant under which special forces conducted search operations that allowed them to track down the network of infected devices. It was then that the forces discovered the Joanap botnet, which is reported to have infected computer servers of several government agencies in the United States.
“Through this operation, we have decided to eradicate the cyber threat of the state hackers funded by Kim Jong Un-led government,” said John Demers, the Assistant Attorney General in charge of the Justice Department’s National Security Division.
Note 1- The developers and spreaders of the said botnet are also suspected to be behind the 2014 attack on Sony Pictures Entertainment.
Note 2- Investigators who were pressed into service were assigned the official search warrant in June last year by the federal judge. They then used the FBI's California servers to mimic a malware-infected server and communicated with the infected devices, known as peers. By doing so, they succeeded in outlining a map of infected IP addresses, which then disclosed the IP addresses of the known peers. In the coming weeks, the FBI is said to be sending a notification to all the owners of the servers and will ask the federal agency heads to look into the matter and conduct a cleanup as soon as possible.
Note 3- The incident came to light on Wednesday, after Donald Trump, the 45th President of the United States, pronounced an end to the ‘government shutdown’ last Friday, and that too on a partial note.
Meanwhile, in other news related to cyber attack incidents, Airbus announced on Wednesday that it has detected unauthorized access to its information systems, which resulted in a data breach. However, the company is confident that the accessed information has not been used by the hackers on the dark web to date and that the breach did not impact its commercial operations.