SEOUL, May 31 (Yonhap) — A North Korean hacking group is suspected of launching cyberattacks against a South Korean cybersecurity service firm amid heightened tensions on the Korean Peninsula, state prosecutors said Tuesday.
The Seoul Central District Prosecutors’ Office said the group allegedly first hacked into the company, whose identity was withheld, in November and acquired its authentication certificate in the following months.
The hacking group then infected a local academic institute website with programs carrying malicious code disguised as normal ones with a fake authentication certificate.
Prosecutors said a total of 19 computer servers of some 10 government organizations that accessed the academic website were eventually infected by malicious code that could lead to document leaks and additional virus infections. No actual damage has been reported yet.
Internet Protocol addresses — the online equivalent of a street address — which accessed the security firm’s server on 26 occasions, were traced to North Korea, prosecutors said, wrapping up their three-month investigation.
North Korea has a track record of waging cyberattacks on South Korea and the United States in recent years, though it has flatly denied any involvement.