Major North Korean hacker groups have been carrying out "large-scale" cyberattacks on South Korean defense companies for more than a year, hacking into internal networks and stealing technical data. This was reported by Reuters, citing a statement by the South Korean police, UNN reports .
Details
It is noted that hacker groups affiliated with North Korea's intelligence apparatus, known as Lazarus, Kimsuky, and Andariel, have installed malicious codes in the information systems of South Korean defense companies either directly or through contractors.
The police, working with a team of experts from the national spy agency and the private sector, traced the cyberattacks, identifying them by their source IP addresses, signal redirection architecture, and malware signatures,
In particular, in the case of November 2022, hackers posted code on the company's public network that infected its intranet when the internal security program was temporarily disabled.
In addition, the hackers took advantage of the carelessness of subcontractors' employees who used the same passwords for private and work emails - they logged into the defense company's networks and stole confidential technical data.
FBI says Chinese hackers are preparing to attack US infrastructure4/19/24, 2:42 PM