EDITION : English/Korean

Nav
Updated

Duuzer Malware Attacks South Korea’s Manufacturing Industry; Security Firm Symantec Deems South Korea “An Attractive Target” To Cyber Attackers

by Czarelli Tuason / Nov 10, 2015 06:35 PM EST
Share with Facebook Share with Twitter
Hand typing on computer | By: Rafe Swan | Getty Images

Security firm Symantec noted that Organizations in South Korea are now being targeted by a malware called the "Duuzer" from an unknown source that seems to have its eyes on the country's manufacturing industry.

Duuzer is a sneaky backdoor program capable of working on 32-bit and 64-bit Windows versions that allows hackers full access to infected computers. The attackers are then able to steal system information; manipulate and delete processes, files and commands and a lot more, noted CSO Online.

"It's clearly the work of skilled attackers looking to obtain valuable information," said Symantec security response team researchers.

Once a computer is infected with the Duuzer virus, the hackers will try to conceal the malware by imitating existing applications.

"The attackers appear to be manually running commands through the back door on affected computers," noted Symantec in a blog post. "In one case, we observed the attackers creating a camouflaged version of their malware, and in another, we saw them attempting to, but failing to deactivate Symantec Endpoint Protection (SEP)."

 According to Security Week, the Duuzer malware seems to be the brainchild of the same group that's responsible for the Brambul and Joanap threats that have been going around South Korea, downloading payloads and snooping on infected computers.

Brambul works by connecting to IP addresses and is granted access by using common passwords such as "12123," "password," "abc123," "iloveyou" and "login." Once a machine is infected, the virus paves the way for network sharing that allows hackers to access the system drive. It then sends vital information from the computer to a preconfigured address.

Joanap, on the other hand, is a backdoor program like Duuzer that gathers and sends specific files to hackers.

With South Korea's large number of big international and local firms, it comes to no surprise why many attackers target the country.

"The numerous malicious campaigns in the region highlight how attackers continue to see South Korea as an attractive target," explained Symantec researchers.

Like us and Follow us
© 2024 Korea Portal, All rights reserved. Do not reproduce without permission.
Tags: South Korea, Symantec, Virus, malware, Duuzer, Brambul, Joanap, Symantec Endpoint Protection

Editor's Pick

BLACKPINK Rosé Hinted Group’s Contract Renewal

BLACKPINK

May 18, 2023 PM EDT - Serena Martinez

IU’s Agency Releases Statement on Plagiarism Accusations

IU

May 12, 2023 AM EDT - Serena Martinez

Jungkook’s FIFA World Cup Opening Ceremony Performance Now Reached 50 Million YouTube View Milestone

Jungkook from BTS

May 08, 2023 AM EDT - Serena Martinez

BTS Member RM Posts a Personal Update to Fans

RM from BTS

May 08, 2023 AM EDT - Serena Martinez

Connect with us : facebook twitter google rss

Subscribe to our Newsletter

Most Read

1

Girls’ Generation Taeyeon’s First Ever Concert in 3 Years Sells Out

2

BTS Member J-Hope Completes His Basic Training

3

Why This Year Is the Perfect Time to Invest in Facial Moisturizer

4

Enhancing Your Culinary Experience: How to Fully Savor Korean Beef

5

The Top 5 Best Face Cleansers for a Fresh and Radiant Complexion

6

Indulge in the Irresistible Delight of Homemade Cheese Fondue

Don't Miss

Real Time Analytics