North Korean Hackers Send Attacks on 892 Important Figures of South Korea

JAKARTA - South Korea's National Police Agency said that North Korean hackers targeted attacks on 892 South Korean foreign policy experts through phishing emails to steal personal data as well as ransomware attacks.

Authorities there also said on Sunday, December 25, that the attack was thorough enough to trick some victims into entering fake websites, exposing their login details to the attackers.

The attack, which started last April, targeted several important South Korean figures, especially think tank experts and professors.

Authorities also cited several examples found, one of which was hackers posing as high-profile South Korean figures and sending emails that included links to fake websites or attachments carrying viruses.

As a result, forty-nine recipients ended up visiting the fake website, which allowed hackers to infiltrate and monitor their email accounts and download data from them, the agency said, reported by Scmp and other local media.

The police suspect that the hackers are the same group that hacked the Korean Hydro & Nuclear Power Plant in 2014.

Based on the IP address indicating the origin of the attack, authorities said the hackers persuaded their targets to register with foreign websites.

They target experts on diplomacy, inter-Korean unification, national security and defense as reasons to believe it. Currently, the police are investigating a North Korean hacking group named Kimsuky.

According to Seongsu Park, Principal Security Researcher for the Global Research and Analysis Team (GReAT) at Kaspersky last September, Kimsuky already has 603 malicious command centers with more attacks possibly reaching beyond the Korean peninsula.