Washington Times on September 16, 2013, reported that a group of hackers using Internet addresses accessible from North Korea have been waging an “unsophisticated” campaign to spy on defense think tanks, government agencies and other security-related targets in South Korea, according to computer security researchers. Excerpts below:

In a posting to its email list, a researcher from the Russian security outfit Kaspersky Lab analyzed malicious software, or malware, that he said had attacked 11 organizations based in South Korea.

“Taking into account the profiles of the targeted organizations — South Korean universities that conduct research on international affairs, produce defense policies for government, [a] national shipping company, support groups for Korean unification — one might easily suspect that the attackers might be from North Korea,” wrote Kaspersky Lab’s Dmitry Tarakanov.

Mr. Tarakanov, who dubbed the malware campaign “Kimsuky,” said it was designed to steal logins and passwords from infected machines and had been running since April.

The attackers used 10 network addresses assigned to Internet service providers (ISPs) in Chinese provinces bordering North Korea, Mr. Tarakanov stated.

South Korean intelligence officials have accused North Korea of being behind previous cyberattacks, including one on March 20 that wiped data from thousands of computers at South Korean banks and TV stations.
Seoul says Pyongyang’s cyberwarfare unit has as many as 3,000 trained hackers.


Tags: , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: