North Korean government-backed hackers referenced the deadly Halloween crush in Seoul to spread malware to users in South Korea, Google’s Threat Analysis group said in a report. The malware was embedded in Microsoft Office documents purportedly a government report on the tragedy that killed more than 150 people after tens of thousands of young revelers crowded into narrow alleys.
“This incident was widely reported and the lure is benefiting from widespread public interest in the accident,” said the Threat Analysis Group.
Google attributed the activity to a North Korean hacking group known as APT37, which it says targets South Korean users, North Korean defectors, policymakers, journalists and human rights activists.
Google also said it has not determined the intent of the malware, which exploited a vulnerability in Internet Explorer. It reported the issue to Microsoft on Oct. 31 after multiple reports from South Korean users on the same day. Microsoft released a patch on November 8.
A United Nations panel of experts overseeing sanctions against North Korea has accused Pyongyang of using stolen funds obtained through hacking to support its nuclear and ballistic missile programs to evade sanctions.
North Korea has not responded to media inquiries, but has previously issued statements denying allegations of hacking.
On Thursday, South Korean officials warned companies against inadvertently hiring IT personnel from North Korea.
In May, the United States issued a similar advisory, saying rogue North Korean freelancers were abusing remote work opportunities to hide their true identities and make money for Pyongyang.
(Except for the headline, this story has not been edited by NewsMadura staff and is being published from a syndicated feed.)
Featured video of the day
Counting day in Gujarat today: who will win the 3 corner fight?