ENSIKLOPEDIA

Tekan Enter untuk memulai pencarian cepat.

Kembali ke Ensiklopedia Arsip Wikipedia Indonesia

Brambul

Computer worm

Brambul
Malware details
Technical name	Trojan:W32.Brambul.[Letter](FBI) Trojan/Brambul-[letter](FBI) W32.Brambul(Symantec)^[1] Win32/Brambul(Microsoft)^[2] Trojan:Win32/Brambul.[letter](Microsoft)^[3]
Type	Computer worm
Author	Lazarus
Technical details
Platform	Windows XP
Written in	Korean

Brambul is an SMB protocol computer worm that decrypts^{[clarification needed]} and automatically moves from one computer to its second computer.

It is responsible for the dropping of the Joanap botnet.

History

Brambul was first discovered in 2009 and has not had a disclosure prior to its notoriety. It was observed by cybersecurity firms and was not extensive subject.^[4]

Sony hack (Late 2014)

Brambul was among the malware to be identified during the Sony Pictures hack.

Investigation (Early 2019)

Brambul as well as Joanap botnet have both been shut down via a court order.

Cycle

The computer worm has the ability to automatically scan IP addresses and decrypt passwords including, but not limited to the following.^[1]

Password	Description
password	The word password
!@#$%	1-5 typed with the shift key
!@#$%^&*()	all ten number keys typed with the shift key
~!@#$%^&*()_+	the entire top row of keys typed with the shift key

System drive share

Brambul will share information of the system to the cyberattacker. Information shared includes the IP address, hostname and the username and password.^[5]

References

1 2 "W32.Brambul". Symantec. Archived from the original on May 31, 2018.
↑ "Win32/Brambul threat description - Microsoft Security Intelligence". www.microsoft.com.
↑ "Trojan:Win32/Brambul.A threat description - Microsoft Security Intelligence". www.microsoft.com.
↑ "Hidden Cobra Strikes Again with Custom RAT, SMB Malware". threatpost.com.
↑ at 01:58, Simon Sharwood 30 May 2018. "FBI fingers North Korea for two malware strains". www.theregister.co.uk.{{cite web}}: CS1 maint: numeric names: authors list (link)

External links

HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm | CISA

Hacking in the 2010s

← 2000s

Timeline of security hacking incidents
Timeline of computer viruses and worms

2020s →

Major incidents

2010	Operation Aurora (publication of 2009 events) Australian cyberattacks Operation Olympic Games Operation ShadowNet Operation Payback
2011	Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID compromise
2012	LinkedIn hack Stratfor email leak Operation High Roller
2013	South Korea cyberattack Snapchat hack Cyberterrorism attack of June 25 2013 Yahoo! data breach Singapore cyberattacks
2014	Anthem medical data breach Operation Tovar 2014 celebrity nude photo leak 2014 JPMorgan Chase data breach 2014 Sony Pictures hack Russian hacker password theft 2014 Yahoo! data breach
2015	Office of Personnel Management data breach HackingTeam Ashley Madison data breach TalkTalk data breach VTech data breach Ukrainian Power Grid Cyberattack SWIFT banking hack
2016	Bangladesh Bank robbery Hollywood Presbyterian Medical Center ransomware incident Commission on Elections data breach Democratic National Committee cyber attacks Vietnam Airport Hacks DCCC cyber attacks Indian Bank data breaches Surkov leaks Dyn cyberattack Russian interference in the 2016 U.S. elections 2016 Bitfinex hack
2017	SHAttered 2017 Macron e-mail leaks WannaCry ransomware attack Westminster data breach Petya and NotPetya 2017 Ukraine ransomware attacks Equifax data breach Deloitte breach Disqus breach
2018	Trustico Atlanta cyberattack British Airways data breach SingHealth data breach
2019	Sri Lanka cyberattack Baltimore ransomware attack Bulgarian revenue agency hack WhatsApp snooping scandal Jeff Bezos phone hacking incident

Hacktivism

Anonymous
- associated events
CyberBerkut
GNAA
Goatse Security
Lizard Squad
LulzRaft
LulzSec
New World Hackers
NullCrew
OurMine
PayPal 14
RedHack
Teamp0ison
TDO
UGNazi
Ukrainian Cyber Alliance

Groups

Appin
Bangladesh Black Hat Hackers
Bureau 121
Charming Kitten
Cozy Bear
Dark Basin
DarkMatter
Elfin Team
Equation Group
Fancy Bear
GOSSIPGIRL (confederation)
Guccifer 2.0
Hacking Team
Helix Kitten
Iranian Cyber Army
Islamic State Hacking Division
Lazarus Group
- BlueNorOff
- AndAriel
Lords of Dharmaraja
NSO Group
Numbered Panda
PLA Unit 61398
PLA Unit 61486
PLATINUM
Pranknet
Red Apollo
Rocket Kitten
Stealth Falcon
Syrian Electronic Army
Tailored Access Operations
The Shadow Brokers
xDedic
Yemen Cyber Army

Individuals

Ryan Ackroyd
Mustafa Al-Bassam
Kim Anh Vo
George Hotz
Guccifer
Elliott Gunton
Jeremy Hammond
Sam Hocevar
Junaid Hussain
MLT
Sabu
Track2
Topiary
The Jester

Major vulnerabilities
publicly disclosed

Evercookie (2010)
iSeeYou (2013)
Heartbleed (2014)
Shellshock (2014)
POODLE (2014)
Rootpipe (2014)
Row hammer (2014)
SS7 vulnerabilities (2014)
WinShock (2014)
JASBUG (2015)
Stagefright (2015)
DROWN (2016)
Badlock (2016)
Dirty COW (2016)
Cloudbleed (2017)
Broadcom Wi-Fi (2017)
EternalBlue (2017)
DoublePulsar (2017)
Silent Bob is Silent (2017)
KRACK (2017)
ROCA vulnerability (2017)
BlueBorne (2017)
Meltdown (2018)
Spectre (2018)
EFAIL (2018)
Exactis (2018)
Speculative Store Bypass (2018)
Lazy FP state restore (2018)
TLBleed (2018)
SigSpoof (2018)
Foreshadow (2018)
Dragonblood (2019)
Microarchitectural Data Sampling (2019)
BlueKeep (2019)
Kr00k (2019)

Malware

2010	Bad Rabbit Black Energy 2 Blackshades Coreflood Kelihos Stuxnet
2011	Citadel Andromeda Alureon Duqu Gameover ZeuS Metulji botnet Stars ZeroAccess botnet
2012	Alina Carna Dexter Dridex FBI MoneyPak Flame Grum Mahdi Red October Shamoon
2013	BlackPOS CryptoLocker DarkSeoul Havex
2014	Brambul Black Energy 3 Carbanak Careto DarkHotel Duqu 2.0 Emotet FinFisher Gameover ZeuS Kronos Regin
2015	CenterPOS Hidden Tear Kasidet Rombertik TeslaCrypt Project Sauron
2016	FastPOS Hitler Industroyer Jigsaw KeRanger Locky Necurs MEMZ Mirai Pegasus Petya and NotPetya Philadelphia PunkeyPOS X-Agent
2017	BrickerBot Kirk LogicLocker Rensenware Triton WannaCry Xafecopy
2018	Annabelle Joanap VPNFilter
2019	R2D2 Tiny Banker Titanium

Sumber data: id.wikipedia.org via REST API v1