North Korean hackers use Choi Soon Sil scandal to spread trojan…

The Choi Soon Sil controversy has become a significant political scandal in South Korea. Evidence suggests that North Korean hacking units have begun to capitalize on the opportunity by distributing malicious software using word processor files featuring content referencing the scandal.

Daily NK has examined an email attachment entitled, “The Uneasy Republic of Korea,” and determined that the file was an attempted cyber attack likely originating from North Korea. The email was sent from a falsified email address appearing to belong to the director of a South Korean NGO. A representative of the NGO that received the file notified Daily NK, adding that they have never received an email from this particular address and that the email address itself was not legitimate.

North Korean hackers have been known to impersonate public figures and institutions by making email accounts in their name using public providers such as Naver, Daum, and Nate.

A cyber security expert who agreed to analyze the content of the file and speak on condition of anonymity said, “The file was created at 11:13 a.m. this morning and contains the very latest in malicious code from North Korea. Under no condition should anyone open a file that looks like this.”

“It appears that the file creator used an email account that on first appearance seems to belong to the president of an NGO. This is a common method used by North Korean hackers,” the analyst continued.

According to the results of a subsequent investigation, this type of phishing scam would allow the hacker to access the victim’s computer and send commands remotely.

The last person to modify the file saved the malicious code under the filename “MalDaeGaRi.” This is a term intended as an insult, which literally translates to “horse head,” and is used to describe people with unusually long faces.

A cyber security expert with military experience explained, “This name appears to be a reference to Jeong Yoo Ra, Choi Soon Sil’s daughter.” Jeong Yoo Ra was a competition dressage athlete who competed at the 2014 Asian Games, and she became involved in the scandal when Ewha Women’s University was alleged to have given her preferential treatment during the admissions process. “North Korean hacking units usually choose names for files that are related to the content.”

“It does not appear that this attack was intended for the general population. One of the patterns that has emerged is a specific focus on NGOs and defectors. It is likely that this attack was launched via infrastructure in China,” the security analyst continued.

This latest attack appears to be a continuation of the aggressive posture that North Korea has assumed since it was documented using Twitter for cyber attacks beginning in August this year. Cyber security analysts have concluded that techniques used by North Korean hacking units are becoming more advanced. The attacks on South Korea can typically be associated with North Korea due to their similar techniques and characteristics.

When asked about the nature of the attacks, security analyst Yu Dong Yul, Director of the Korea Institute of Liberal Democracy, noted, “The North is using these cyber attacks to collect information. Their techniques are advancing. This latest attack shows that they are using current events to create targeted content.”

“North Korea is using the internet as a way to strengthen their asymmetrical warfare capabilities, and their strategies are becoming increasingly sophisticated. They operate over 160 websites hosted on foreign servers and have begun to use social networking platforms as well,” Director Yu continued.

“The North Korean regime has shown an acute awareness of the current scandal involving Choi Soon Sil and is exploiting it for psychological warfare,” Director Yu added. “There are also operatives posting comments on South Korean websites spreading malicious rumors in an attempt to increase the chaos and confusion surrounding the incident.”

According to previous reports by Daily NK into North Korean cyber attacks, the following characteristics have emerged:

1) A Trojan email is sent, usually containing no content, but accompanied by a Korean language word processor file attachment;
2) The size of the attached file is usually between 15-40 KB;
3) Some of the email addresses appear to belong to public figures and institutions using common email providers such as Naver, Daum, and Nate.

The filename of the malicious code embedded in the document is ‘MalDaeGaRi.’ Image: Daily NK.

By Daily NK – 2016.11.09 10:41am

Daily NK recently obtained a copy of a word processor file infected with malicious code. According to cyber security experts, the file was created on November 3, 2016, and North Korean hacking units are known to send such files as email attachments. The file is designed to initiate a command sequence and grant access to the attacker when opened. Image: Daily NK


‘Sham’ TM arrangement leads to ban

A “sham” Transport Manager (TM) arrangement that led to Glasgow-based Ian Sharp being granted a national licence has led to its revocation and the disqualification of both Mr Sharp and his TM Robert Quigley.

In revoking the two-vehicle licence at an Edinburgh Public Inquiry, Traffic Commissioner (TC) Joan Aitken disqualified Mr Sharp from holding or obtaining a PSV O-Licence for four years and Mr Quigley from acting as a TM for life.

In 2012, Mr Sharp applied for a two-vehicle restricted licence which could not succeed as he could not demonstrate that he had a principal occupation.

He then applied for a national licence and nominated Mr Quigley as his TM. The application and the nomination of Mr Quigley appeared genuine and a national licence was granted later in 2012. Mr Sharp confirmed the licence details on the five-year checklist in October 2017, including that Mr Quigley was TM.

Vehicle Examiner (VE) William Forsyth reported that on 18 August 2016, an immediate prohibition was issued at annual test for a leaking brake pipe. On 11 April 2018 an ‘S’ marked prohibition was issued for two long standing defects. During a maintenance investigation in May it was found that Mr Sharp had changed maintenance contractors without notifying the Office of the TC.

Mr Sharp had said he had fallen out with his TM and had not had a TM visit for approximately six months. An incident whereby a vehicle came off a motorway slip road in March had not been notified to DVSA.

Mr Sharp said that his connection to passenger transport arose from his involvement with a football team which needed to transport players and that led to evening hires for adults. He did that unlawful operation for three to four years. He then got an O-licence in 2012. He had fallen out with Mr Quigley who had been keeping him right. He knew Mr Quigley through a mutual friend. The arrangement was that Mr Quigley would check the records every three to four weeks. He was checking all records up to January/February 2018 when he and Mr Quigley fell out.

In reply to the TC, Mr Sharp admitted that he had only met Mr Quigley a couple of times since November 2012; that the TM arrangement had been a fiction from the start; that the signing of the five-year checklist in October 2017 was a false declaration and a continuation of the fiction; and that he had never paid Mr Quigley.

Making the revocation and disqualification orders, the TC said that the licence had been rotten from the moment Mr Sharp and Mr Quigley placed their respective signatures on the paperwork for the licence. There had been no professional competence from the beginning; it was a sham arrangement which no doubt would have continued but for the DVSA investigation. Mr Sharp lied to the VE when he said he and Mr Quigley had fallen out relatively recently. He lied in his initial evidence in the PI. The absence of professional competence was not an academic matter. Mr Sharp had displayed an ignorance of the standards and duties required of a compliant operator. He had allowed seriously unroadworthy vehicles to be on the road. The tacho data report also revealed infringements.


Grand Slams will be up for grabs as big three wane, says Courier

NEW YORK, (Reuters) – The Grand Slam dominance by a handful of elite men over the last decade and a half has come at the expense of the rest of the field, but the sport will see a return to “normal” when the era ends, American great Jim Courier said.

Roger Federer, Rafa Nadal and Novak Djokovic have won the last 11 Grand Slams between them and an incredible 54 since 2003.

The smart money is on that number rising further after the 33-year-old Spaniard Nadal reached the U.S. Open semi-finals in New York on Wednesday.

Former world number one Courier won four majors between 1991 and 1993 but none of his male compatriots has lifted a slam trophy since the now-retired Andy Roddick won the U.S. Open in 2003.

Yet Father Time defeats all and when the game’s current greats hang up their rackets it will open the door for a wider number of competitors, making tournaments harder to predict, Courier said.

“Sure, it has been difficult for American men to win majors but it has been difficult for anyone outside of the top four or five players to win in the last 15 years,” Courier told Reuters at the U.S. Open.

“It has been more of a question of era in many ways as opposed to a singular American problem,” he said. “I think there is going to be a lot of open road for our players in the next five years or so when these incredible legends eventually leave the game.”

Courier said he expects the sport to change in the not-too-distant future.

“I think we’ll get a little more of a return to normalcy where players are going to win six or seven majors but not 16, 17, 18, 19, 20 — where they are just hoarding all of them.”

Courier said that American tennis fans had still been spoiled by 23-times Grand Slam singles champion Serena Williams, her seven-times slam champion sister Venus and 2017 U.S. Open winner Sloane Stephens.

Yet he is also doing all he can to help more Americans achieve Grand Slam glory.

Technology company Oracle announced on Wednesday that it was partnering with Courier’s InsideOut Sports & Entertainment to launch a new lower-tier tennis circuit of men’s and women’s tournaments in the U.S. The circuit is designed to cut down travel costs and provide more opportunities for burgeoning American players to reach the next level.

“This is a big day for American tennis,” he said of the ATP and WTA Tour events that will begin stateside next month.

“It levels the playing field for our players here to their European counterparts, who can stay near or at home and play tournaments around the clock as they try to get to the next level.”


Addressing corruption within the Force

Police Commissioner Leslie James, earlier this week, once again stated that the Guyana Police Force (GPF) has zero tolerance for corruption and warned that ranks found to be involved in corrupt and questionable practices will face the necessary consequences. The Commissioner’s statement comes as the GPF is celebrating its 180th anniversary and some days after Crime Chief Lyndon Alves was sent on administrative leave to facilitate a probe into corruption allegations levelled against him.

Several damning allegations against Alves were detailed in the media, and there were several questions raised by various stakeholders as to the criteria used in the first place to appoint him to that high-level position. Among the allegations against Alves is his alleged use of his influence during his tenure as Commander of B Division to protect rogue cops.

Another allegation levelled against the Crime Chief is his influence being reportedly used to prevent a relative of his, who was involved in an accident, from being charged. In that incident, the young woman allegedly struck four-year-old Mohan Ramkaran close to his Tuschen, East Bank Essequibo (EBE) home. However, after she was arrested, she was later placed on $20,000 station bail and over two years later, she is yet to face the court for her alleged actions.

To clarify: we are not saying that Alves is culpable of any of these wrongdoings, as it is only an independent, impartial and thorough probe that would determine if, and to what extent, he was involved in actions that are against normal practices. However, more diligent efforts should have been employed to ensure that the position was filled by someone who was at least perceived to be qualified, professional, honest, and could enjoy the confidence of his peers as well as the public.

That said, the Alves fiasco is not unique. For many years now we have been hearing about corruption at all levels of the Force; sometimes with the involvement of senior officers themselves. When certain cases are brought to the fore, either by private citizens complaining or by way of media reports, nothing much comes out of these cases even after investigations are carried out. Very often, it comes down to officers simply being transferred or demoted or put to perform ‘administrative duties’.

A few months back, there was the issue of the former Head of the Special Weapons and Tactics (SWAT) Unit, Deputy Superintendent Mootie Dookie, being investigated for alcohol smuggling. He has since been “temporarily transferred” to the Force’s Strategic Unit.

Then there is the issue of some ranks moving around in heavily tinted vehicles in spite of several warnings for them to remove these tints. There is a tint law in place, but for quite some time now, ranks were allowed a free pass with their tinted vehicles, giving the impression to the general public that there is one law for Police Officers and another for the public. The law should apply to everyone, irrespective of their status, except in cases when the chief licensing authority grants an exemption, and in a few other special cases.

Added to this is that some Police Officers openly break the traffic rules; and they do so with certainty that they would not be made to face the necessary charges. Pictures and videos of ranks using their mobile phones and drinking alcohol while on duty have been making the rounds of Facebook. And even though citizens observe the unprofessional and illegal conduct of ranks, they feel it is a waste of time to lodge the necessary complaints as nothing would come out of it.

We had stated before that the Police must lead by example. If they want to win the public’s trust, they must be seen as having integrity and decency. They must engage in serious introspection and monitor themselves to ensure they too are held to higher standards. Police Officers cannot be seen breaking the same laws they expect the public to abide by.

While we do not intend to paint the entire Police Force with the same brush, as there are many professional and honest officers within the Force, we are convinced that unless what is perceived as the endemic corruption in the organisation is addressed in a holistic manner, efforts being made at Police reform would be in vain. In the meantime, we await the findings of the Alves probe.


Antonio Brown faces rape accusations by former trainer

(AP) New England Patriots wide receiver Antonio Brown is facing rape accusations by a former trainer.

According to a lawsuit filed Tuesday in the Southern District of Florida, Britney Taylor says Brown sexually assaulted her on three occasions.

Brown has denied the allegations. Darren Heitner, a lawyer representing Brown, told The Associated Press his client plans to countersue. Heitner said Brown and Taylor had “a consensual personal relationship.”

Taylor also said in the statement she will cooperate with the NFL and any other agencies.

A spokesman for the NFL declined comment, but the Patriots say the league told the team it will launch an investigation.


ED conducts searches in Delhi, Gurgaon in IPL betting case

The raids were conducted in connection with an alleged IPL betting racket worth Rs 4,000 crore

The Enforcement Directorate (ED) on Saturday conducted searches in and around Delhi in connection with its hawala probe against some betting syndicates related allegedly to IPL T-20 cricket matches.

Sources said that about four locations in Delhi and neighbouring Gurgaon were covered during the searches which are being conducted by the Ahmedabad office of the agency in coordination with their local counterparts.

“The searches are being conducted on some suspects who acted as bookies during the recent Indian Premier League matches held in the country.

“The probe is being handled by the ED Ahmedabad office, which is investigating the case for hawala and money laundering charges,” sources said.

The Ahmedabad office of ED had on March 19 claimed to have busted a racket and arrested some bookies from a farmhouse on the outskirts of Vadodara in Gujarat.

Later, the agency arrested 13 others in connection with the alleged betting racket.

On March 26, the same office registered a money laundering case against two prime suspects and a few others in an alleged IPL betting racket worth Rs 4,000 crore.

The accused have been charged by ED under Sections 418 (cheating), 419 (punishment for cheating), 420 (cheating and dishonestly inducing delivery of property), 467 (forgery of valuable security), 471 (using forged document as genuine) along with Section 120(b) (criminal conspiracy) of Indian Penal Code.

Sources said that a “good cache” of mobile phones, documents and computer peripherals have been seized during today’s operation.

Locations in Delhi’s Karol Bagh, Shastri Nagar and Gurgaon are being searched, they added.
