Home » North Korean government hackers found using ransomware for the first time

North Korean government hackers found using ransomware for the first time

0 comment

North Korean state-sponsored threat actors have been observed using ransomware against companies and organizations in neighboring South Korea for the first time, police have reported.

According to the South China Morning Post, the South Korean National Police Agency said threat actors targeted at least 893 foreign policy experts in the country, looking to steal their identity data and email lists. 

The initial victims were mostly think tank experts and professors, who were targeted with phishing emails.
North Korea ransomware

The attackers would pose as a secretary from the office of Tae Yong-ho of the ruling People Power Party, or an official from the Korea National Diplomatic Academy. The emails, whose distribution started as early as April 2022, would either carry links to malicious websites or would carry malware as attachments.

According to the law enforcement organization’s findings, at least 49 people fell for the trick, and gave the attackers access to their email accounts and private, personal data.

Read more

 > North Korean hackers return with updated version of this dangerous malware> Open source software hijacked by North Korean hackers> These are the best malware removal tools right now 

That was enough to launch ransomware attacks against at least 13 companies (mostly online malls), with two companies already paying around 2.5 million won (just below $2,000) to regain access to their systems.

The quest to uncover exactly who is behind these attacks is underway, with police saying the threat actors used 326 “detour” servers in 26 countries to cover their tracks.

However they believe the group is most likely the same one that attacked Korea Hydro & Nuclear Power, back in 2014. 

The main arguments that North Koreans are behind this campaign include the IP addresses used in the attack, their attempts to get the targets to sign into foreign websites, the use of North Korean diction, and the choice of targets (diplomacy experts, inter-Korean unification thinkers, national security and defense experts). 

Here’s a rundown of the best firewalls today

Via: Engadget

You may also like

Leave a Comment

CyberNonStop

Cybernonstop is created to bring news and knowledge through articles to visitors.

Do not forget to subscribe.

Laest News

@2021 – All Right Reserved. Designed and Developed by PenciDesign