Navigation section
fallchill
About this tag
The tag fallchill refers to a remote administration tool (RAT) used by the North Korean government, as identified in a joint technical alert from the Department of Homeland Security and the Federal Bureau of Investigation. The alert, released in November 2017, provides indicators of compromise and IP addresses associated with this malware, which is part of broader malicious cyber activity tracked as HIDDEN COBRA. Discussions on WindowsForum.com focus on understanding the threat, sharing detection and mitigation strategies, and analyzing the technical details of the FALLCHILL RAT to protect network systems from this state-sponsored cyber threat.
-
TA17-318A: HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
Original release date: November 14, 2017 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS...- News
- Thread
- command and control cyber threat reporting cybersecurity dhs fallchill fbi hidden cobra incident response indicators of compromise ip address malware mitigation network defense network security north korea remote administration tool system information tls
- Replies: 0
- Forum: Security Alerts