According to South Korea’s National Police Agency, hackers stole the information of 1,468 victims between March and October 2023.
North Korean hackers are now trying to lure victims by posing as South Korean officials and journalists in a bid to steal cryptocurrency.
According to local Korean newspaper Korea JoongAng Daily, cybercriminals linked to the DPRK stole the information of 1,468 victims between March and October 2023, including 57 current or “retired” government officials in diplomacy, military and national security.
Police say North Korea has stepped up efforts to steal private data through email phishing, impersonating South Korea’s National Police Agency, the National Health Insurance Service, the National Pension Service and the National Service. of taxes. According to the report, hackers use bait words such as “notice” or “questionnaire” to lure victims.
Once victims open the links included in the email, malware creates hidden channels on computers and mobile devices to steal personal data. Police believe the latest activity is part of North Korea’s efforts aimed at stealing cryptocurrency, as nearly two dozen victims’ IDs and profiles were used to gain access to their cryptocurrency trading accounts, without disclosing which trading platforms. Cryptocurrencies were under the radar.
In early November 2023, crypto.news reported that the infamous North Korean hacking group Lazarus began distributing a malicious Python application posing as a crypto arbitrage bot via direct message on a public Discord server. According to Elastic Security Labs, the so-called Kandykorn malware is distributed in the form of a ZIP file.
