Talks of Korean reunification have made me feel very optimistic. The Korean War has had a devastating effect on Koreans on both sides of the heavily guarded border. Families have been separated for decades. The war started before I was born! Since 1953, relations between North Korea and South Korea have been considered to be a de facto stalemate. But despite the decades-long stalemate, the war might not be really truly over until Korea is one country. That possibility makes me happy.
The United States has had a major effect on the Korean War since before the war even began in 1950. When Korea split into North Korea and South Korea, it was South Korea which embraced American influence and troops.
The Trump Administration has been involved in the attempt to reunify Korea. On April 20th, 2018, US President Donald Trump tweeted: “North Korea has agreed to suspend all nuclear tests and close up a major test site. This is very good news for North Korea and the World – big progress! Look forward to our Summit.” So Trump and North Korean Leader Kim Jong Un planned to meet in Singapore in June to discuss some of the necessary steps to establishing peace. But now things don’t seem to be going too well.
North Korea wasn’t too happy about the military drills American and South Korean soldiers conducted together. North Korea reacted by saying that they may consider pulling out of the summit that’s been planned for June. They also said that they were unwilling to dismantle their nuclear arsenal as early as the United States would like.
“If the Trump Administration is genuinely committed to improving NK-US relations and come out to the NK-US summit, they will receive a deserving response. But if they try to push us into the corner and force only unilateral nuclear abandonment, we will no longer be interested in that kind of talks and will have to reconsider whether we will accept the upcoming NK-US summit,” said Kim Kye-gwan, North Korean First Vice Minister of the Ministry of Foreign Affairs.
Harry Kazianis, a Korean affairs expert from the Center for the National Interest, offered his perspective. “The North Korean pattern is to do provocations whether it is tests of missiles or nukes, ask for negotiations then string us along for months and years. But this time, they are not even getting to that point, they are already causing problems before we have the negotiation.”
This sort of tension seems to be having a palpable effect on cyber-attacks. Comodo Cybersecurity research has discovered a huge spike in malware detections in North Korea. Between May 1st and May 3rd, while the American and North Korean governments were exchanging harsh words, Comodo detected about eight times as many malware attacks in North Korea as the typical level since the beginning of 2018. A lot of the new malware was malicious Windows activation software and Ultrasurf, a Chinese internet censorship circumvention tool. There is even heavier-handed internet censorship in North Korea.
Ultrasurf was originally developed in 2002, by Chinese dissidents in Silicon Valley. The tool allows users in China to bypass what has been colloquially referred to as the “Great Firewall of China.” Ultrasurf is designed to work in Windows as an EXE executable. It can be used without any installation or changes to the Windows Registry. To remove all traces of Ultrasurf from a PC, a user only has to delete the u.exe file. Cybersecurity product vendors have mixed opinions as to whether or not Ultrasurf is malware. It behaves like some malware in how it redirects internet communications through encryption. That’s a useful cybersecurity function in applications such as VPNs, but some malware also uses stream ciphers in order to evade detection.
Because a lot of the malware readings Comodo received in North Korea were related to Windows activations and Ultrasurf, it appears that ordinary North Koreans are feeling more confident in the wake of Korean reunification talks. They may be less afraid of the North Korean government in their attempt to acquire open internet communications with the rest of the world, even if that requires deploying what some consider to be malware.
By May 5th, the spike in Comodo’s detections had disappeared. Then, by May 9th, US Secretary of State Mike Pompeo travelled to North Korea and returned with three American prisoners.
In related news, there appear to be people in either North Korea or South Korea who are targeting North Korean dissidents with Android spyware Trojans. Sun Team is the cyber-attack group behind this phenomenon. KakaoTalk, a popular chat app in South Korea, and social networks including Facebook are being used to find North Korean defectors. They are being socially engineered to download Android Trojans with names like “Blood Assistant,” “Pray for North Korea,” “Food Ingredients Info,” “AppLock Free,” and “Fast AppLock.” The latter two are fake security apps. These malware campaigns have been detected as early as October 2016, and even with the possibility of Korean reunification, Sun Team seems to be continuing their attacks.
There are both North Korean and South Korean indications in Sun Team’s activities. Dropbox accounts used as command and control servers by Sun Team have used names of South Korean celebrities and television shows. But they’ve also been found to use words that are exclusive to the North Korean dialect of the Korean language.
Unlike a lot of Android malware, the malware that Sun Team has been deploying seems to simply behave as spyware, reading SMS messages and contact information from the targeted Android devices and sending that sensitive data back to their command and control servers. So, Sun Team is engaging in espionage.
Matters in North Korea and South Korea may continue to get messy, even as South Korean President Moon Jae-In and North Korean Leader Kim Jong Un seem to want to make peace. Comodo will definitely be on the lookout for future malware that targets the two Koreas.