DOJ Announces Effort to Map North Korean Hacking

The Justice Department on Wednesday announced an effort to “map and further disrupt” a global network of computers that have been infected by North Korean malware. The efforts, the Justice Department said in a press release, began after the United States charged North Korean hacker Park Jin Hyok—who is believed to be one of the masterminds behind the Sony and WannaCry attacks—last year, alleging that he had used a type of malware that aided the development of the Joanap botnet (a group of “bots,” or infected computers). Once the malware has infected a computer, the press release notes, it grants hackers near-total control of the device. By mimicking infected computers, authorities were able to discover some computers that were infected with the virus and build a map of the remaining botnet, and the FBI is now reportedly contacting the owners of the infected computers.

“Computers around the world remain infected by a botnet associated with the North Korean Regime,” Assistant Attorney General for National Security John Demers said in the press release. Demers added that “while the Joanap botnet was identified years ago and can be defeated with antivirus software, we identified numerous unprotected computers that hosted the malware underlying the botnet. The search warrants and court orders announced today as part of our efforts to eradicate this botnet are just one of the many tools we will use to prevent cybercriminals from using botnets to stage damaging computer intrusions.”