https://sputnikglobe.com/20230821/north-korean-hackers-try-to-prevent-south-korea-us-from-conducting-drills-1112746924.html
North Korean Hackers Try to Prevent South Korea, US From Conducting Drills
North Korean Hackers Try to Prevent South Korea, US From Conducting Drills
Sputnik International
The Kimsuky group hackers first tried to attack a South Korean company providing services for South Korea-US exercises. Employees' personal devices became hacked in the process, but the hackers failed to get military information.
2023-08-21T03:12+0000
2023-08-21T03:12+0000
2023-09-18T13:37+0000
asia
hacking
hacking
hacking claims
cyber crime
south korea
pentagon
military
north korea
https://cdn1.img.sputnikglobe.com/img/07e5/01/15/1081836465_0:113:1200:788_1920x0_80_0_0_c2b0b4459291d233e663695691cfd9b6.jpg
"The security investigation department of the Gyeonggi Police Agency as a result of the investigation into the case of sending several malicious emails in February-March of this year … found out that Kimsuky was behind this," the police said in a statement. The hackers first managed to enter malicious code via email into the computer of an administrative employee of the company in January, after which they obtained the data of other employees of the company, the statement read. Later, in February, the hacker group sent letters to employees providing computer simulation services for the Freedom Shield military exercises. The employees tried to open the attached file which allegedly contained information about problems with their tax deductions, but a computer network run by the Pentagon did not allow them to open the file, the statement added. However, a number of employees of the company forwarded the letters to their personal email and opened malicious files from their own computers, which led to their personal devices being hacked, the police noted, adding that North Korean hackers failed to get military information. The police, working with the US military, were able to determine that the cyberattack involved fake IP addresses used during the 2014 incident when Kimsuky hacked the South Korean operator of hydro and nuclear power plants, KHNP. In addition, the letters used expressions characteristic of the North Korean language, the statement said.
south korea
north korea
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
2023
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
News
en_EN
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
https://cdn1.img.sputnikglobe.com/img/07e5/01/15/1081836465_0:0:1200:900_1920x0_80_0_0_714634c630628ab77f204102c9d4924e.jpgSputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
hacking, cyber crime, military, south korea, north korea, pentagon, us, united states, kimsuky group
hacking, cyber crime, military, south korea, north korea, pentagon, us, united states, kimsuky group
North Korean Hackers Try to Prevent South Korea, US From Conducting Drills
03:12 GMT 21.08.2023 (Updated: 13:37 GMT 18.09.2023) MOSCOW (Sputnik) - North Korean hackers from the Kimsuky group tried to attack a South Korean company providing computer simulation services for joint South Korea-US exercises and attempted to carry out a cyberattack on military infrastructure, the Gyeonggi Nambu Provincial Police Agency said on Sunday.
"The security investigation department of the Gyeonggi Police Agency as a result of the investigation into the case of sending several malicious emails in February-March of this year … found out that Kimsuky was behind this," the police said in a statement.
The hackers first managed to enter malicious code via email into the computer of an administrative employee of the company in January, after which they obtained the data of other employees of the company, the statement read. Later, in February, the hacker group sent letters to employees providing computer simulation services for the Freedom Shield military exercises.
The employees tried to open the attached file which allegedly contained information about problems with their tax deductions, but a computer network run by the Pentagon did not allow them to open the file, the statement added.
However, a number of employees of the company forwarded the letters to their personal email and opened malicious files from their own computers, which led to their personal devices being hacked, the police noted, adding that North Korean hackers failed to get military information.
The police, working with the US military, were able to determine that the cyberattack involved fake IP addresses used during the 2014 incident when Kimsuky hacked the South Korean operator of hydro and nuclear power plants, KHNP. In addition, the letters used expressions characteristic of the North Korean language, the statement said.