North Korean hackers have launched a cyberattack on the German company Diehl Defense, which specializes in the production of weapons, including Iris-T missiles. This was reported by Spiegel, UNN reports.
Details
According to experts, the attack was organized by the hacker group Kimsuky, which acts in favor of the DPRK government. The attack was detected by experts from Mandiant, an American cybersecurity company that is part of Google.
The hackers tried to trick Diehl Defense employees into opening malicious PDFs via fake job offers on behalf of major US defense suppliers. Clicking on the fake file would infect the computer with malware, allowing the attackers to spy on users.
To disguise their activities, the hackers used a server named "Uberlingen" after the location of Diehl Defense's office in Germany. They also created fake pages to steal user data that mimicked German services such as Telekom and GMX.
Experts from Mandiant note that Kimsuky carefully prepared for the attack by collecting information about German companies and their employees. Germany's Federal Office for Information Security (BSI) confirmed that it is monitoring the actions of this hacker group, known as APT43, and warned of possible attacks on other organizations in the country.
У Німеччині звинуватили російську військову розвідку в кібератаках на ЄС та НАТО09.09.24, 12:44