North Korean Hacking Group Behind Cryptocurrency Heist

State-Backed Hackers Impersonate South Korean Entities

North Korea’s state-backed hacking group, known as ‘Kimsuky,’ has been identified as the culprit behind a cryptocurrency heist. According to a local report, the hackers impersonated South Korean journalists, government agencies, and research institutes. Over the course of seven months, from March to October 2023, a total of 1,468 individuals fell victim to these crypto hackers, as confirmed by local police.

The victims included 57 incumbent or retired government officials in areas such as diplomacy, military, and national security. The remaining 1,411 victims were from the private sector, as stated in the report. A police officer noted, “The police will work closely with relevant institutions and agencies to continuously track down North Korea’s cyber-attacks and breaches to prevent further losses.”

The South Korean National Police Agency revealed that the perpetrators carried out the attack by sending phishing emails. These emails were designed to appear as if they were sent from South Korean government agencies, including the National Police Agency, National Health Insurance Service, National Pension Service, and National Tax Service.

The phishing emails contained a “clickbait” link, which encouraged recipients to click on a particular web page. Words like “notice” and “questionnaire” were used to entice victims. Once the recipients opened the scam email or its attachments, their computers were infected with malware, explained the police. This malware then proceeded to steal victims’ personal information and cryptocurrency. “The illegal cyber activity was aimed at stealing cryptocurrency,” they added.

Based on police data, the attackers managed to steal IDs and profile information of 19 victims, enabling the attackers to access those victims’ crypto trading accounts. In addition, they commandeered 147 proxy servers to run crypto mining programs. To prevent further losses, the police have shut down 42 phishing websites operated by the North Korean hacker group.
