Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

North Korea Hacked 892 Seoul Foreign Policy Experts | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

North Korean hackers carried out cyberattacks on at least 892 South Korean foreign policy experts, and also attacked shopping malls with ransomware, South Korean authorities say.

The attacks, which mainly targeted think tank experts and professors, tricked some of the victims into signing into fake websites that exposed their login details to attackers, the South China Morning Post reports(Opens in a new window)

According to the National Police Agency, the hackers in May sent spear-phishing emails from accounts that posed as South Korean political figures, including a secretary from the office of Tae Yong-ho of the governing People Power Party. The emails included links to fake websites or a malware-laden attachments. 

The agency said that 49 of the recipients of the emails were hacked after logging into the attached fake websites. This allowed the hackers to infiltrate and monitor their email accounts and download data from them. The attackers are suspected by police to be the same group that hacked Korea Hydro & Nuclear Power(Opens in a new window), South Korea’s nuclear plant operator, in 2014. That attack saw the personal data leak of 10,000 of the company’s workers, as well as the designs and manuals for at least two of the 23 reactors it runs in the country.

The hacking attempts this year marked the first time South Korea detected North Korean hackers using ransomware, police said. Thirteen shopping mall companies were attacked, with two companies paying a ransom of 2.5 million won ($1,980) worth of bitcoin to the hacking group for the unlocking of encrypted files targeted by the hackers.

Recommended by Our Editors

Earlier this year, Google blamed North Korean hackers for exploiting a known vulnerability in Microsoft’s Internet Explorer to spread malware to South Korean victims. The hackers spread a malicious document dressed up to look like an official government statement about the Oct. 29 crowd-crush incident in Itaewon, South Korea, where at least 158 people died. If opened via Microsoft Office with “Protected View” disabled, the booby-trapped document would start executing rogue computer code on victims’ computers, effectively hijacking it. 

Microsoft quickly patched(Opens in a new window) the flaw, which was attributed to a North Korean hacking group dubbed APT37, which Google said is known for attacking(Opens in a new window) “South Korean users, North Korean defectors, policy makers, journalists and human rights activists.”

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

var facebookPixelLoaded = false;
window.addEventListener(‘load’, function(){
document.addEventListener(‘scroll’, facebookPixelScript);
document.addEventListener(‘mousemove’, facebookPixelScript);

function facebookPixelScript() {
if (!facebookPixelLoaded) {
facebookPixelLoaded = true;
document.removeEventListener(‘scroll’, facebookPixelScript);
document.removeEventListener(‘mousemove’, facebookPixelScript);


fbq(‘init’, ‘454758778052139’);
fbq(‘track’, “PageView”);


Click Here For The Original Story From This Source.

National Cyber Security