Brambul | |
---|---|
Technical name | |
Type | Computer worm |
Authors | Lazarus |
Technical details | |
Platform | Windows XP |
Written in | Korean |
Brambul is an SMB protocol computer worm that decrypts[clarification needed] and automatically moves from one computer to its second computer.
It is responsible for the dropping of the Joanap botnet.
Brambul was first discovered in 2009 and has not had a disclosure prior to its notoriety. It was observed by cybersecurity firms and was not extensive subject.[4]
Brambul was among the malware to be identified during the Sony Pictures hack.
Brambul as well as Joanap botnet have both been shut down via a court order.
The computer worm has the ability to automatically scan IP addresses and decrypt passwords including, but not limited to the following.[1]
Password | Description |
---|---|
password | The word password |
!@#$% | 1-5 typed with the shift key |
!@#$%^&*() | all ten number keys typed with the shift key |
~!@#$%^&*()_+ | the entire top row of keys typed with the shift key |
Brambul will share information of the system to the cyberattacker. Information shared includes the IP address, hostname and the username and password.[5]