"Duuzer" Trojan Used to Target South Korean Organizations

  • 26 October 2015
  • 2 replies
  • 172 views

Userlevel 7
Badge +54
By Eduard Kovacs on October 26, 2015
 
Malicious actors have been using a backdoor Trojan dubbed by researchers “Duuzer” to steal valuable information from organizations in South Korea and elsewhere, Symantec reported on Monday.

According to the security firm, Duuzer has mainly been used in targeted attacks aimed at the manufacturing industry in South Korea. The threat gives attackers remote access to the infected devices, allowing them to collect system information, access and modify files, upload and download files, and execute commands.
 
Full Article

2 replies

Userlevel 7
Badge +54
By Catalin Cimpanu    27 Oct 2015
 
                                               http://i1-news.softpedia-static.com/images/fitted/340x180/duuzer-brambul-and-joanap-malware-attacks-detected-against-south-korean-manufacturers.jpg
 

Brambul and Joanap infections also detected

 
Besides the Duuzer backdoor, Symantec researchers also observed a series of other malware. These are the Brambul worm and the Joanap backdoor trojan, both working together most of the time, and generally used for logging and monitoring infected systems from afar.
 
The Brambul infection is usually the one that occurs first, and later loads Joanap.
 
"Computers infected with Brambul have been used as command-and-control (C&C) servers for Duuzer and have also been compromised with Duuzer," says the Symantec Security Response team.
 
Full Article
Userlevel 7
If I was to bet on where this Trojan came from I would say North Korea!!! But that is just a guess.

Reply