The Typeframe Virus is North Korea’s Newest Cyberweapon

A new dangerous threat dubbed the Typeframe virus has been found to originate from North Korea. This was reported by the US DHS (Department of Homeland Security), the investigation shows that it is a very potent threat.

New North Korean Weapon Revealed — The Typeframe Virus

The alleged ongoing cyberattacks that originate from North Korea (or a bounced through that country’s network servers) showcased a new malware. The US DHS reported that the new weapon is called the Typeframe virus and it can lead to serious damage to the infected hosts. There is no information about the exact mechanism of delivery and infiltration, meaning that the criminals behind it can use any number of complex methods.

It follows a predefined behavior pattern that first checks for the presence of certain components — ether other parts of the engine or other threats controlled by the hackers. It is able to download them accordingly if they are not present on the target computers. All malicious files can be renamed to impersonate Windows modules and key components.

Like other similar threats the Typeframe virus can also be set up as a persistent threat which automatically starts it once the computer is booted. It can also access the Windows Registry and modify the contained strings within. If the malicious engine modifies entries that belong to the operating system overall performance can suffer. In other cases the virus can be programmed into disabling functionality of user-installed applications.

The report reads that it can be used as an intermediate payload delivery mechanism. This means that the hackers can use it to deploy other threats. The code analysis reveals that it can bypass security software such as firewalls (and possibly anti-virus programs). This leads to network (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Martin Beltov. Read the original post at: