agi
Blog

North Korean Hacking Attack To Steal Information From South Korea

single-image

North Korea once again used made a spurious cyber attack. This time, it targeted government officials in a bid to get classified information. 

You won’t get surprised if you hear about North Korea’s involvement in any unlawful doing. Its enmity with South Korea is also quite well-known. Ever since their split, both countries keep having these small confrontations here and there. This time, it has surfaced in the cyber sphere. The Seoul-based police officials have claimed that the North Korean crypto hackers targeted South Korean ministers. 

A close shave 

As per the report by Dong-a Ilbo, the cyber experts of South Korea gained control during the attack. According to them, the culprits couldn’t get total control over the servers. 

Briefing about the incident, they said that they have found two cryptocurrency wallets left by the hackers on the server.

Also, the police said that the wallets were used to process transactions worth $1600.

According to the official statement, the South Korean police are investigating the matter. They are trying to figure out if it was an attempt to steal the country’s funds in some way.

Furthermore, Seoul alleges that Pyongyang has executed a number of high-profile attacks on its crypto entities.

In fact, South Korea claims that the North has been trying to access its crypto reserves unauthorizedly. It targets major exchanges in South Korea as well as individual crypto users. 

The data collected by the National Police Agency shows that the North Korean hacking organization Kimsuky launched a phishing attack last year as well. It sent a number of emails to South Korean officials in mid-2022. 

Chosen targets

Among these officials, there are high-ranking office bearers from foreign affairs and national security. Some of them are incumbent and some are former too. 

Who were in the crosshairs of the North Korean crypto hackers?

The agency disclosed that they have obtained information on nine people who were on the list of hackers. 

There are four academicians, two former ministerial officials, one vice ministerial official, one journalist, and one incumbent executive official in the list.

Based on the findings, Kimsuky tried to snare dozens of their security experts onto their phishing site. 

According to the South Korean police, these attacks were done to obtain sensitive information and in all likelihood, were backed by the North Korean regime.

The hackers adapted crafty ways to get the officials to open the emails. Many of them are impersonated as students or individuals seeking opinions on their work. 

Throwing light on the investigation, the police said that they conducted an operation to nab the hackers last year. The drive continued from April to July around the time when the current president Yoon Seok-Yeol’s government was formed. 

More hackers from North Korea

Notably, the news surfaced after Sentinel Labs, the global cybercrime thinktank divulged that Kimsuky is targeting South Korean government officials.

They also gave more specific details about the North Korean hacking rings impersonating as English news channel NK News. 

It said that the shady group was stealing NK News credentials too.

Without naming Kimsuky, the global security experts said that a “North Korean group” executed a 35$ million theft from the crypto wallet platform Atomic Wallet. 

According to the analytics firm Elliptic, the unknown group has moved the bootlegged funds to another crypto venture. Reportedly, it is Sinbad, a reboot to the Blender coin mixing platform. 

Conclusion

It should be noted that nations have used power cybercrime to infiltrate their enemy country’s digital security systems. Now the hacking menace may never be stopped, but we can certainly try to strengthen our security systems. And that is important for every country that wants to safeguard its information and assets.  

Leave a Comment

Your email address will not be published.

You may also like