Indicators of Compromise for Malware Used by Sony Attackers

Sunday, December 21, 2014

Mike Lennon

306708aaf995cf6a77d3083885b60907

(SecurityWeek) - Just hours after the FBI and President Obama called out North Korea as being responsible for the destructive cyber attack against Sony Pictures, US-CERT issued an alert describing the primary malware used by the attackers, along with indicators of compromise.

While not mentioning Sony by name in its advisory, instead referring to the victim as a “major entertainment company,” US-CERT said that the attackers used a Server Message Block (SMB) Worm Tool to conduct the attacks.

US-CERT provided the following list of the Indicators of Compromise (IOCs) that should be added to network security solutions to determine whether they are present on a network.

Read More At SecurityWeek

Possibly Related Articles:
11408
malware Sony North Korea Indicators of Compromise SMB Tool IOC destover
Post Rating I Like this!
Default-avatar
John bros I'm sorry about North Korea they always do like this


John Bros
http://www.happyholi-2015.com/
1419314002
Default-avatar
jiya sharma Sony has also stopped making laptop...
regards
mia
Happy Chocolate Day Messages
Happy Rose Day Messages
Happy Promise Day Messages
Happy Hug Day Messages
Happy Kiss Day Messages
Happy Teddy Day Messages
Happy Propose Day Messages
1422441839
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.