North Korea's Lazarus hacked 61 S. Korean agencies: police
2024-06-11 14:12:28
 |
| An official from the National Police Agency gives a press briefing at the agency's headquarters in Seoul, Tuesday. Yonhap |
By Ko Dong-hwan
The National Police Agency (NPA) said on Tuesday it has confirmed North Korean hacking group "Lazarus" has so far attacked over 200 computers in 61 agencies here.
At a press conference at its headquarters in Seoul, the NPA said 207 computers at eight news outlets and 53 other agencies have been hacked by the group.
The South Korean police discovered that North Koreans hackers had targeted a vulnerability in a certain personal authentication software with security firewalls, which is widely used in South Korea to access personal banking and governmental websites containing personal data.
Hackers exploited the vulnerability to install the software which automatically planted the virus in the computers, according to the police, in what it refers to as a "watering hole" attack.
There are approximately 10 million computers in South Korea that have the same software installed, the authority said Tuesday.
The hackers had a predetermined plot from 2021 to infiltrate INISAFE, a South Korean personal authentication software developer, by studying the software's weaknesses and to develop their own malware, the police said.
The NPA said they had managed to discover signs of Lazarus' activities on South Korean networks and preemptively blocked their further access in cooperation with other agencies.
The authority reminded the public to update their computer cybersecurity software as North Korean hackers continue advancing their ingenuity.
Lazarus was accused by the U.S. government of having stolen an astronomical amount of cyber currency through an online game. The U.S. Department of Treasury said on April 6 that the hackers stole $620 million from the non-fungible token-based online game, Axie Infinity, in one of the largest cyber theft cases of 2022.
Last February, the South Korean government placed its first independent sanctions on North Korea in the area of illicit cyber activities. Four North Korean hackers and seven groups, including Lazarus, were accused of having funneled funds to Pyongyang for the Kim Jong-un regime's weapons programs.
The same day, the U.S. National Intelligence Service, the U.S. National Security Agency and the FBI issued a joint security advisory against North Korea's cybercrimes, saying hackers are trying to obtain cryptocurrency through malware attacks using fake domains.
(作者:新闻中心)
