Suspected North Korean hackers have attempted an attack targeting a major joint military exercise between Seoul and Washington that starts on Monday, South Korean police said.
South Korea and the United States will kick off the annual Ulchi Freedom Shield drills on Monday through August 31 to counter growing threats from the nuclear-armed North.
Pyongyang views such exercises as rehearsals for an invasion and has repeatedly warned it would take “overwhelming” action in response.
The hackers — believed to be linked to a North Korean group dubbed Kimsuky — carried out “continuous malicious email attacks” on South Korean contractors working at the allies’ combined exercise war simulation centre, the Gyeonggi Nambu Provincial Police Agency said in a statement on Sunday.
“Police investigation confirms that North Korean hacking group was responsible for the attack,” it said in a statement, adding that military-related information was not stolen.
A joint investigation by the police and the US military found that the IP address used in the latest attack matched one identified in a 2014 hack against South Korea’s nuclear reactor operator blamed on the group, according to the statement.
The Kimsuky hackers use “spearphishing” tactics — sending malicious attachments embedded in emails — to exfiltrate desired information from victims. According to findings by the US Cybersecurity and Infrastructure Security Agency in 2020, Kimsuky is “most likely tasked by the North Korean regime with a global intelligence gathering mission.”
The group — believed to be active since 2012 — targets individuals and organizations in South Korea, Japan, and the United States, focusing on foreign policy and national security issues related to the Korean peninsula, nuclear policy, and sanctions, it added.
Related: US, South Korea Detail North Korea’s Social Engineering Techniques
Related: US Sanctions North Korean University for Training Hackers
Related: North Korean Hackers Target Mac Users With New ‘RustBucket’ Malware
Related: North Korean Group Kimsuky Targets Government Agencies With New Malware
More from AFP
- US State Department Says 60,000 Emails Taken in Alleged Chinese Hack
- UK Minister Warns Meta Over End-to-End Encryption
- ‘Cybersecurity Incident’ Hits ICC
- China Says No Law Banning iPhone Use in Govt Agencies
- Spies, Hackers, Informants: How China Snoops on the West
- Meta Fights Sprawling Chinese ‘Spamouflage’ Operation
- Two Men Arrested Following Poland Railway Hacking
- UK Court Concludes Teenager Behind Huge Hacking Campaign
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
