The Department of Justice is looking to dismantle the Joanap botnet, which has been built and controlled by North Korea-linked hackers since 2009. Law enforcement has been operating servers that mimicked peers in the botnet. This allows the government to build out a map of the infected systems and warn impacted victims in the hopes of eventually eradicating the threat. Joanap malware has been targeting multiple victims globally and in the U.S. since 2009, including the media, aerospace, financial and critical infrastructure sectors.
Source: https://threatpost.com/u-s-government-joanap-botnet/141366/