US-N. Korea summit email used to spread malware in S. Korea
Published : Jun 1, 2018 - 15:32
Updated : Jun 1, 2018 - 15:32

Emails with an attachment containing a malware virus have spread across South Korea by using the summit meeting between North Korea and the United States as a form of bait, US networking company Cisco Systems said Friday.

The emails with an attached Hangul Word Processor document, with the title translated in English as "prospect and preparations for US-N.Korea summit," were sent to Naver Mail accounts, the email service of Naver Corp., South Korea's top Internet portal operator, the company said.

This photo provided by Cisco Systems on June 1, 2018, shows the captured image of an attached file containing a malware virus that posed as a file about a summit meeting between North Korea and the United States. (Yonhap)

If a malicious document is opened, a remote access Trojan called "NavRAT" is downloaded, which can perform various actions on the victim's computer, including command executions. The malware also has keylogging capabilities that can pose serious security problems, a source said.

In South Korea, the HWP file format can be used to embed Encapsulated PostScript within a document. Once opened this can carry out malicious attacks on computer systems.

The use of the summit as a way to spread the virus comes as there is keen interest in the country in regards to the preparations for a potential summit between North Korean leader Kim Jong-un and US President Donald Trump, which will likely take place in Singapore on June 12 to discuss the denuclearization of the Korean Peninsula. (Yonhap)