Security advisories

Hidden Cobra APT Advisory

February 26, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) have identified two tools used by the Advanced Persistent Threat Group, HIDDEN COBRA, better known as Lazarus Group. The first tool, Volgmer [1], is a Trojan capable of allowing the threat actor covert access to compromised systems and is delivered via targeted spear phishing emails. The second tool is a Remote Administration Tool (RAT) labeled FALLCHILL [2]. This RAT is fully functional and able to issue a wide variety of commands from a C2 server to the victim’s device. The successful use of either tool may have sever impacts, including the loss of sensitive data, operational disruption and reputational damage.

What we’re doing about it

What you should be doing about it

Additional information

For more information visit:

[1]https://www.us-cert.gov/ncas/alerts/TA17-318A(FALLCHILL)
[2]https://www.us-cert.gov/ncas/alerts/TA17-318B (Volgmer)

View Most Recent Advisories