North Korean hackers target nuclear research centre
A hacker group linked to North Korea infiltrated the computer systems of one of South Korea’s largest nuclear research centers.
This was reported by the Renhap news agency with reference to the South Korean politician Ha Te Keun.
According to the politician, hackers attacked the Korean Atomic Energy Research Institute on May 14 this year. Initially, the administration of the institute tried to hide the fact of the attack but then admitted that a hack had taken place. Presumably, the organization is still investigating the incident and is trying to find out what data fell into the hands of hackers.
The attack used 13 IP addresses, some of them turned out to be the servers of the Kimsuky APT group (aka Black Banshee, Velvet Chollima and Thallium), which, according to the researchers, is a division of the DPRK intelligence service.
According to Ha Te Geun, some of the IP addresses used the email address of the former adviser to the President of the Republic of Kazakhstan on foreign policy, Moon Chung-in. The official’s email account was allegedly hacked in 2018, but it wasn’t until 2020 that experts established Kimsuky’s involvement in the hack.
The group is believed to have been operating since 2012 and collects intelligence mainly through targeted phishing. Kimsuky attacks renowned experts in various fields, think tanks and government agencies in South Korea.
Catch up on more articles here
Follow us on Twitter here