An Elite Spy Group Used 5 Zero-Days to Hack North Koreans

Most North Koreans don't spend much of their lives in front of a computer. But some of the lucky few who do, it seems, have been hit with a remarkable arsenal of hacking techniques over the last year—a sophisticated spying spree that some researchers suspect South Korea may have pulled off.


Cybersecurity researchers at Google's Threat Analysis Group today revealed that an unnamed group of hackers used no fewer than five zero-day vulnerabilities, secret hackable flaws in software, to target North Koreans and North Korea-focused professionals in 2019. The hacking operations exploited flaws in Internet Explorer, Chrome, and Windows with phishing emails that carried malicious attachments or links to malicious sites, as well as so-called watering hole attacks that planted malware on victims' machines when they visited certain websites that had been hacked to infect visitors via their browsers.


Google declined to comment on who might be responsible for the attacks, but Russian security firm Kaspersky tells WIRED it has linked Google's findings with DarkHotel, a group that has targeted North Koreans in the past and is suspected of working on behalf of the South Korean government.

South Koreans spying on a northern adversary that frequently threatens to launch missiles across the border is not unexpected. But the country's ability to use five zero-days in a single spy campaign within a year represents a surprising level of sophistication and resources. "Finding this many zero-day exploits from the same actor in a relatively short time frame is rare," writes Google TAG researcher To ..
