A previously unknown botnet has been uncovered, built for multi-stage tracking and data exfiltration, primarily of targets in Asia.
According to Forcepoint’s 2016 Global Threat Report, Jaku has claimed 19,000 victims across 134 countries so far.
"Jaku herds victims en masse and conducts highly targeted attacks on specific victims through the execution of concurrent operational campaigns," it explained.
Technical details are still forthcoming in May from the firm, but it did say that payloads are delivered via exposure to compromised BitTorrent sites, the use of unlicensed software and the downloading of warez software. It also uses a raft of evasion techniques, like cryptography, steganography, fake file types, stealth injection, antivirus engine detection and more.
Forcepoint said that the victims are located around the globe, but there’s significant clustering in Asia, especially Japan, South Korea and China. The command and control servers are located in Malaysia, Thailand and Singapore.
Jaku was discovered as a result of a six-month investigation by Forcepoint’s Special Investigations (SI) team, as detailed in the company’s report. It worked with Kaspersky, using that firm’s analysis of the Dark Hotel campaign, as well as the UK National Crime Agency (NCA), CERT-UK, Europol and Interpol.
Full Article. Jaku Botnet Rises in the East