From
Send to

NK behind spread of malicious code posing as news on scandal: police

Jan. 25, 2017 - 15:01 By KH디지털2

North Korea was behind the spread of malicious codes through e-mails in November posing as news reports on the influence-peddling scandal involving President Park Geun-hye, police said Wednesday, 

The National Police Agency said the Internet Protocol address used by the first sender was found to be located in Pyongyang.

Attached to the e-mail was a file entitled "A worrying Republic of Korea." Inside the document was content related to the scandal on Park and her confidante Choi Soon-sil.

Once a user opens the document, the program installs itself in the target computer and leeches information.

(Yonhap)
The hackers used a proxy server provided from the United States, according to the cyber investigation division.

The same IP address was used in March 20, 2013, by North Korean hackers who launched a wave of attacks on computer networks of local broadcasters and financial firms, 

"Pyongyang is spreading malicious e-mails with content related to significant North Korean news or other domestic issues," an official from the police said. "Users must refrain from opening e-mails from unidentified senders as well as opening attachments." (Yonhap)