North Korean hackers have successfully targeted South Korean government officials in a phishing campaign that began in March, according to the South Korea National Police Agency. The hackers, posing as journalists, focused on nearly 1,500 individuals, including retired and active government officials.
Authorities report that between March and October, a total of 1,468 victims fell prey to the elaborate scheme.
The cybercriminals, in a notable escalation of their activities, managed to compromise the crypto accounts of 19 victims and infiltrate more than 147 proxy servers with crypto-mining malware.
The hackers employed sophisticated tactics by impersonating South Korean journalists and government bodies, including entities like the national tax, pension, and health insurance services, as well as the South Korean National Police Agency.
Under these fabricated identities, the perpetrators sent convincing phishing emails to their targets.
The deceptive emails, acting as the initial point of contact, lured unsuspecting recipients—57 of whom were government officials—into clicking on malicious links. With just one click, victims unknowingly unleashed malware onto their devices, providing the hackers with access to sensitive data stored on these compromised systems.
The police have noted a concerning trend in the expanding scope and scale of North Korea’s hacking efforts throughout the year.
In response, authorities have taken action, identifying and shutting down 42 related phishing websites associated with these malicious activities.
This targeted phishing campaign underscores the evolving nature of cyber threats in the region. The surge in attacks emphasizes the urgent need for enhanced cybersecurity measures to safeguard sensitive information from falling into the wrong hands.