Botnet JAKU Targets Scientists, Engineers and Academics

May 10, 2016


According to security researchers at Forcepoint Security Labs, a cyberattack campaign named the JAKU botnet is infecting victims across the globe and is trying to track the actions of specially selected targets in sectors ranging from government to engineering.

It differs from other botnets in that its victim list consists mostly of specific people: individuals working for international Non-Governmental Organisations (NGOs) and engineering companies, academics, scientists, and government employees.

Motive of JAKU

After infecting its victims, it tracks their actions.

The findings are set out in Forcepoint’s report on Jaku, which outlines how, of the estimated 19,000 unique victims, 42 percent are in South Korea and a further 31 percent in Japan. Both countries are neighbours of North Korea. A further nine percent of Jaku victims are in China and six percent in the US, with the remainder spread across 130 other countries.

How it infects

When attacking indiscriminately, JAKU infects the targeted system using malware that can be downloaded from a number of different sources, including poisoned BitTorrent files of pirated anime films and fake PNG image files. Once installed on the system, the malware sends messages home to a command and control system, enabling those behind it to gain access to additional machines and add them to the botnet.

According to Andy Settle, head of special investigations at Forcepoint:

There are thousands of victim computers that are sitting in waiting that can be used unwittingly to perform DDoS attacks, spear-phishing attacks, spam campaigns and other forms of organised crime behaviour.

Finding, tracking and shutting down attack modes and methodologies for JAKU capabilities is a difficult task. No single organisation can do it alone. It requires the close collaboration and intelligence-sharing activities of both private security organisations and government security agencies.
