{"id":60939,"date":"2019-04-16T09:04:01","date_gmt":"2019-04-16T14:04:01","guid":{"rendered":"https:\/\/www.pcmatic.com\/blog\/?p=60939"},"modified":"2019-04-16T09:04:48","modified_gmt":"2019-04-16T14:04:48","slug":"north-korea-hoplight","status":"publish","type":"post","link":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/","title":{"rendered":"DHS and FBI Publish Report Warning of New Trojan From North Korea"},"content":{"rendered":"\n<p><strong>North Korean Hacking Group Releases New Trojan<\/strong><\/p>\n\n\n\n<p>The U.S. Department of Homeland Security and the Federal Bureau of Investigation have issued a joint malware analysis <a href=\"https:\/\/www.us-cert.gov\/ncas\/analysis-reports\/AR19-100A\">report <\/a>highlighting a new Trojan used by the hacking group, Lazarus, out of North-Korea.<\/p>\n\n\n\n<p>The report, published on the US-CERT website, stated\nthe new Trojan, deemed Hoplight, was detected while tracking the malicious\ncyber activity of the North Korean-backed hacking group Lazarus, also known as\nHidden Cobra.&nbsp; Additionally, the report\ncontains a detailed analysis of the nine executable files found to be infected\nwith the Hoplight Trojan.&nbsp; <\/p>\n\n\n\n<p>Seven of the nine files have proxy applications in\nplace in order to mask the traffic between the malware and its operators.&nbsp; <\/p>\n\n\n\n<p>Of the remaining two\nfiles, researchers confirmed one contained a public SSL certificate with the\npayload appearing to be encoded with a password or key. The remaining file did\nnot contain any of the public SSL certificates, but attempted outbound\nconnections. <\/p>\n\n\n\n<p>The Hoplight\u00a0Trojan is able to read, write and move files, enumerate system drives, create and terminate processes, inject into running processes, create, start and stop services, modify registry settings, connect to a remote host, as well as upload and download files.\u00a0 The malware is also able to open and bind to a socket, and uses a public SSL certificate for secure communication.<\/p>\n\n\n\n<p>**PC Matic users, rest assured you are entirely protected from this newly found Trojan.  The nine executable files would not be able to run on any computer that has PC Matic&#8217;s whitelist protection running, as none of the files are known, trusted programs.  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>North Korean Hacking Group Releases New Trojan The U.S. Department of Homeland Security and the Federal Bureau of Investigation have issued a joint malware analysis report highlighting a new Trojan used by the hacking group, Lazarus, out of North-Korea. The report, published on the US-CERT website, stated the new Trojan, deemed Hoplight, was detected while [&hellip;]<\/p>\n","protected":false},"author":54,"featured_media":60443,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[7],"tags":[5379],"class_list":["post-60939","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-newsletter","tag-north-korea"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>DHS and FBI Publish Report Warning of New Trojan From North Korea<\/title>\n<meta name=\"description\" content=\"The APT hacking group, Lazarus, from North Korea has begun distributing thier latest malware creation -- Hoplight. Hoplight is a new...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DHS and FBI Publish Report Warning of New Trojan From North Korea\" \/>\n<meta property=\"og:description\" content=\"The APT hacking group, Lazarus, from North Korea has begun distributing thier latest malware creation -- Hoplight. Hoplight is a new...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/\" \/>\n<meta property=\"og:site_name\" content=\"PC Matic Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/pcmatic\" \/>\n<meta property=\"article:published_time\" content=\"2019-04-16T14:04:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-04-16T14:04:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/downloading_malware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"730\" \/>\n\t<meta property=\"og:image:height\" content=\"414\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kayla Elliott\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:site\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kayla Elliott\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/\"},\"author\":{\"name\":\"Kayla Elliott\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/d4a11f480158af9f8090d8d90e0de8db\"},\"headline\":\"DHS and FBI Publish Report Warning of New Trojan From North Korea\",\"datePublished\":\"2019-04-16T14:04:01+00:00\",\"dateModified\":\"2019-04-16T14:04:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/\"},\"wordCount\":278,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/downloading_malware.jpg\",\"keywords\":[\"North Korea\"],\"articleSection\":[\"Newsletter\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/\",\"name\":\"DHS and FBI Publish Report Warning of New Trojan From North Korea\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/downloading_malware.jpg\",\"datePublished\":\"2019-04-16T14:04:01+00:00\",\"dateModified\":\"2019-04-16T14:04:48+00:00\",\"description\":\"The APT hacking group, Lazarus, from North Korea has begun distributing thier latest malware creation -- Hoplight. Hoplight is a new...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/downloading_malware.jpg\",\"contentUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/downloading_malware.jpg\",\"width\":730,\"height\":414,\"caption\":\"Malware\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/north-korea-hoplight\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"DHS and FBI Publish Report Warning of New Trojan From North Korea\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"name\":\"PC Matic Blog\",\"description\":\"Tech Tips and Tricks\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\",\"name\":\"PC Matic - Top Antivirus Company in the USA.\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"contentUrl\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"width\":1535,\"height\":483,\"caption\":\"PC Matic - Top Antivirus Company in the USA.\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/pcmatic\",\"https:\\\/\\\/x.com\\\/pcmatic\",\"https:\\\/\\\/www.instagram.com\\\/pcmaticusa\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/pcmatic\",\"https:\\\/\\\/www.youtube.com\\\/c\\\/PCMaticVideo\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/d4a11f480158af9f8090d8d90e0de8db\",\"name\":\"Kayla Elliott\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/author\\\/kayla\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DHS and FBI Publish Report Warning of New Trojan From North Korea","description":"The APT hacking group, Lazarus, from North Korea has begun distributing thier latest malware creation -- Hoplight. Hoplight is a new...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/","og_locale":"en_US","og_type":"article","og_title":"DHS and FBI Publish Report Warning of New Trojan From North Korea","og_description":"The APT hacking group, Lazarus, from North Korea has begun distributing thier latest malware creation -- Hoplight. Hoplight is a new...","og_url":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/","og_site_name":"PC Matic Blog","article_publisher":"https:\/\/www.facebook.com\/pcmatic","article_published_time":"2019-04-16T14:04:01+00:00","article_modified_time":"2019-04-16T14:04:48+00:00","og_image":[{"width":730,"height":414,"url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/downloading_malware.jpg","type":"image\/jpeg"}],"author":"Kayla Elliott","twitter_card":"summary_large_image","twitter_creator":"@pcmatic","twitter_site":"@pcmatic","twitter_misc":{"Written by":"Kayla Elliott","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#article","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/"},"author":{"name":"Kayla Elliott","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/d4a11f480158af9f8090d8d90e0de8db"},"headline":"DHS and FBI Publish Report Warning of New Trojan From North Korea","datePublished":"2019-04-16T14:04:01+00:00","dateModified":"2019-04-16T14:04:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/"},"wordCount":278,"commentCount":0,"publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/downloading_malware.jpg","keywords":["North Korea"],"articleSection":["Newsletter"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/","url":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/","name":"DHS and FBI Publish Report Warning of New Trojan From North Korea","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#primaryimage"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/downloading_malware.jpg","datePublished":"2019-04-16T14:04:01+00:00","dateModified":"2019-04-16T14:04:48+00:00","description":"The APT hacking group, Lazarus, from North Korea has begun distributing thier latest malware creation -- Hoplight. Hoplight is a new...","breadcrumb":{"@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#primaryimage","url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/downloading_malware.jpg","contentUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/downloading_malware.jpg","width":730,"height":414,"caption":"Malware"},{"@type":"BreadcrumbList","@id":"https:\/\/www.pcmatic.com\/blog\/north-korea-hoplight\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pcmatic.com\/blog\/"},{"@type":"ListItem","position":2,"name":"DHS and FBI Publish Report Warning of New Trojan From North Korea"}]},{"@type":"WebSite","@id":"https:\/\/www.pcmatic.com\/blog\/#website","url":"https:\/\/www.pcmatic.com\/blog\/","name":"PC Matic Blog","description":"Tech Tips and Tricks","publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pcmatic.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pcmatic.com\/blog\/#organization","name":"PC Matic - Top Antivirus Company in the USA.","url":"https:\/\/www.pcmatic.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","contentUrl":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","width":1535,"height":483,"caption":"PC Matic - Top Antivirus Company in the USA."},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/pcmatic","https:\/\/x.com\/pcmatic","https:\/\/www.instagram.com\/pcmaticusa\/","https:\/\/www.linkedin.com\/company\/pcmatic","https:\/\/www.youtube.com\/c\/PCMaticVideo"]},{"@type":"Person","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/d4a11f480158af9f8090d8d90e0de8db","name":"Kayla Elliott","url":"https:\/\/www.pcmatic.com\/blog\/author\/kayla\/"}]}},"_links":{"self":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/60939","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/users\/54"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/comments?post=60939"}],"version-history":[{"count":0,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/60939\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media\/60443"}],"wp:attachment":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media?parent=60939"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/categories?post=60939"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/tags?post=60939"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}