NK hackers behind attacks on S. Korean security experts

2022. 12. 25. 17:20
글자크기 설정 파란원을 좌우로 움직이시면 글자크기가 변경 됩니다.

이 글자크기로 변경됩니다.

(예시) 가장 빠른 뉴스가 있고 다양한 정보, 쌍방향 소통이 숨쉬는 다음뉴스를 만나보세요. 다음뉴스는 국내외 주요이슈와 실시간 속보, 문화생활 및 다양한 분야의 뉴스를 입체적으로 전달하고 있습니다.

(123rf)

Police said Friday that a North Korean hacker group was behind a series of phishing attacks this year targeting security experts in South Korea by sending them emails and inviting them to click on links to fake websites.

The scam, which took place between April and October, involved faking the identity of local reporters covering national security and an assistant to Rep. Tae Yong-ho, a former North Korean diplomat who defected to the South and is now a ruling party lawmaker.

Of the 892 people who received such emails, 49 had unwittingly given away their passwords. But none among those tricked were government employees, according to police, who noted the hackers compromised 326 computer servers scattered in 26 countries to mask the source of traffic.

Internet protocol addresses, the type of virus and the usage of a North Korean word in the latest scam were the same as the North Korea-backed attack on Korea Hydro and Nuclear Power in 2014. Police cited them as strong evidence that the same group was behind the infiltration.

The victims -- private citizens -- all had something to do with national security, another finding that also led police to blame North Korea. Ransomware attacks, police added, had forced some South Korean companies to pay the hackers to regain what they stole -- the first time such an exchange ever took place.

“We will mobilize all resources to prevent cybercrimes,” a senior police official said, urging companies to ramp up their security.

The latest finding comes as Seoul doubles down on efforts to manage cybersecurity risks involving Pyongyang. Earlier this month, South Korean authorities warned businesses against inadvertently hiring IT staff from North Korea who mask their true identities and take advantage of remote work opportunities to bypass international sanctions -- restraints the isolated country has yet to clear as it refuses to abandon its nuclear weapons program.

“These workers are making millions of dollars annually for the work they do for global IT companies. … And by the day, the money they bring in is making up a bigger part of the dollar operation,” authorities said in the advisory, referring to North Korea’s foreign remittances from its overseas workers -- a longstanding campaign believed to fund its nuclear buildup.

By Choi Si-young(siyoungchoi@heraldcorp.com)

Copyright © 코리아헤럴드. 무단전재 및 재배포 금지.

이 기사에 대해 어떻게 생각하시나요?