North Korea’s patterns of cyberattack could be evolving, Seoul’s police agency said Wednesday.
North Korean hackers have mainly used viruses to gain access to South Korean computers, turning individual PCs into “zombies” that could then be used to conduct distributed denial-of-service, or DDoS attacks.
But investigations in Seoul revealed North Korean hackers could increasingly be engaging in “psychological warfare” through the seizure of information on individual computers, South Korean newspaper Herald Business reported.
The South’s National Police Agency stated a January cyberattack involving a link to a YouTube video, including derogatory content condemning South Korean President Park Geun-hye, was sent by email to South Korean broadcasters through 38,988 accounts.
Another cyberattack in February involved a bulk email from an account impersonating the cyber criminal investigations department of the police agency, requesting 48 recipients “cooperate with a national security investigation into the anti-South Korea president video.”
A fraudulent email from a false account that impersonated a South Korean academic specializing in North Korean studies was also sent to 83 local journalists, the police agency said.
The emails included malicious codes that could perform tasks through remote programming and control.
A Seoul law enforcement official who spoke to press on the condition of anonymity said the hackers used a virtual private network service to hide the origin of the attack. The attack was routed through U.S. networks but could be traced to an Internet Protocol address in the Ryugyongdong district of Pyongyang.
That IP address is identical to the source of an attack that took place on March 20, 2013, the official said.
The YouTube video the hackers distributed included content praising North Korea’s nuclear development interspersed with clips of Park in South Korean news segments.