Slashdot Mirror


This Unusual Botnet Targets Scientists, Engineers, and Academics (zdnet.com)

schwit1 quotes a report from ZDNet: A botnet and cyberattack campaign is infecting victims across the globe and appears to be tracking the actions of specially selected targets in sectors ranging from government to engineering. Researchers from Forcepoint Security Labs have warned that the campaign it has dubbed 'Jaku' -- after a planet in the Star Wars universe because of references to the sci-fi saga in the malware code -- is different to and more sophisticated than many botnet campaigns. Rather than indiscriminately infecting victims, this campaign is capable of performing "a separate, highly targeted operation" used to monitor members of international non-governmental organizations, engineering companies, academics, scientists and government employees, the researchers said. The findings are set out in Forcepoint's report on Jaku, which outlines how of the estimated 19,000 unique victims, 42 percent are in South Korea and a further 31 percent in Japan. Both are countries and neighbors of North Korea. A further nine percent of Jaku victims are in China, six percent in the US, with the remainder spread across 130 other countries.

15 of 67 comments

  1. Are there any viable North Korean targets? by ComputerGeek01 · · Score: 3, Insightful

    There are also no instances of Jaku targeting North Korean victims.

    North Korea is thought to be 20 years behind every other country listed in terms of engineering and they use a proprietary OS. What would the antagonist hope to dig out of NK that they can't get elsewhere with no additional coding work?

    1. Re:Are there any viable North Korean targets? by Anonymous Coward · · Score: 1

      proprietary OS

      If by proprietary you mean a Linux distribution with an ugly UI and probably a fair bit of government-sanctioned spyware, then yes they are using a proprietary OS.

    2. Re:Are there any viable North Korean targets? by AmiMoJo · · Score: 4, Interesting

      NK buys most of its tech from the same place that everyone else does: China. As you say, the main difference is that they mandate the use of a more secure OS.

      It's interesting that the internet levels the playing field so much between countries with a vast, powerful military, a poor dictatorship and a teenager in their bedroom in Bulgaria.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    3. Re:Are there any viable North Korean targets? by Dan+East · · Score: 1

      the main difference is that they mandate the use of a more secure OS.

      I think it's funny you word it that way. Secure from whom, exactly? Maybe we should all be using their OS since it's so "secure".

      --
      Better known as 318230.
    4. Re:Are there any viable North Korean targets? by swb · · Score: 1

      Is the playing field *really* that level?

      The US has spent at least the last decade hoovering data and penetrating networks on a global scale, including the ability to tap undersea fiber optics, intercepting and backdooring hardware shipments, and been tied to destroying airgapped centrifuges with a computer virus and even possibly knocking North Korea off the internet briefly.

      And those are things we know about. Then there's other, unlevel playing field options like a global special forces capability to gain clandestine physical access to infrastructure, an entire constellation of satellites and until very recently the ability to fly into space and take or modify satellites.

    5. Re:Are there any viable North Korean targets? by cyriustek · · Score: 1

      North Korea is thought to be 20 years behind every other country listed in terms of engineering and they use a proprietary OS. What would the antagonist hope to dig out of NK that they can't get elsewhere with no additional coding work?

      I would not assume that NK is 20 years behind, especially on their hacking ability. They have been sending teams of people to exploitation training.

      NK does have some interesting things to hack into as well. The western world is interested in the DPRK's nuclear program, and it would not be surprising if a 'Stuxnet-like' application was used at some point to affect their operations as done in Iran.
       

    6. Re:Are there any viable North Korean targets? by AmiMoJo · · Score: 1

      True, the US is much more vulnerable to severe damage by cyber attack. NK goes offline for a day, little effect. Sony gets hacked...

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. Re:All malware authors should be executed by ctrl-alt-canc · · Score: 4, Funny

    > All malware authors should be executed

    Isn't it enough to execute their code instead?

  3. Short Shameful Confession by mi · · Score: 4, Funny

    This Unusual Botnet Targets Scientists, Engineers, and Academics

    I feel left out and unaccomplished...

    --
    In Soviet Washington the swamp drains you.
  4. Re:All malware authors should be executed by T.E.D. · · Score: 3, Funny

    Given where this appears to have come from, any coders who refuse to work on the botnet when asked are likely executed.

    If N. Korea doesn't get around to executing them, they will likely starve to death instead.

  5. "Both are countries" by IRGlover · · Score: 2

    For years I had heard references to 'South Korea' and 'Japan', but no-one ever seemed entirely sure what they were, so they were always shrouded in a bit of mystery for me. So imagine my joy when a /. summary actually provides a definitive answer. They are countries! and it seems that they are (probably) part of a contiguous landmass that also includes North Korea! So much now makes sense!

  6. Re: The planet is Jakku, not Jaku by geekbastard · · Score: 1

    I logged in just to make the same comment, you beat me to it

  7. Tracking potential defectors by axewolf · · Score: 1

    As soon as I hear anything blamed on North Korea, I think to analyze whether or not the western government would have an interest in the culpable act.

    It sounds likely to me that the west is keeping a very sharp eye out for defectors. South Korea and Japan as governments are slaves to western interest, but North Korea is gaining appeal despite what you may hear in the western media. Russia is also gaining allies. The glamour of western capitalism is wearing off and the west doesn't want their vital resources worn off with it. Their surveillance powers are less concrete in the Asian colonies. Too much to explain to too many people (who don't speak "western business" let alone English proficiently). So a direct approach like malware is good.

  8. Botnet infecting victims across the globe? by khz6955 · · Score: 1

    Surely, botnets infect computers, specifically Microsoft Windows in this case. How exactly does JAKU initially infect the victims?

  9. Trisolarans & The Three Body Problem by troutinator · · Score: 1

    This sounds oddly similar to the tactics of the Trisolarans in "The Three Body Problem" by Liu Cixin.

    "Trisolarans developed the Sophon technology (a word amalgamation of Sophia, meaning "wisdom", and Proton, consisting of a supercomputer embedded into a single proton that could fold itself to eleven space dimensions), with plans for two such Sophons to secure the complete lockdown of Earth's scientific research and development." -- https://en.wikipedia.org/wiki/...