- Jeff Bezos’ girlfriend allegedly sent his nudes to her brother, who then leaked them Saturday 6:38 PM
- This Instagram account catches influencers in the wild Saturday 5:42 PM
- The best upcoming video games to look out for in February 2020 Saturday 5:23 PM
- TikTok teens use AirPods and Google Translate to secretly talk in class Saturday 4:32 PM
- Video shows corpses of coronavirus victims lying in China hospital Saturday 3:44 PM
- Kid meets Slipknot after drumming video goes viral Saturday 2:30 PM
- Channing Tatum responds to troll who tried to compare Jenna Dewan and Jessie J’s looks Saturday 1:46 PM
- Grindr pulls an ‘I don’t know her’ after Eminem suggests he uses the app Saturday 12:48 PM
- Here are the top 10 most popular Instagram models in 2020 Saturday 12:21 PM
- ‘The Chilling Adventures of Sabrina’ takes its characters on a fantasy adventure to Hell in season 3 Saturday 11:37 AM
- Woman no longer in sorority, school after racist MLK post Saturday 10:45 AM
- Netflix’s ‘Miss Americana’ starts to deconstruct the myth of Taylor Swift Saturday 10:32 AM
- Teens charged with attempted arson after participating in TikTok ‘outlet challenge’ Saturday 8:56 AM
- ‘American Dirt’ is a metaphor for a white country built on the back of immigrants Saturday 6:00 AM
- This woman told two students to ‘speak English’ and people are not having it Friday 9:53 PM
North Korea launches ‘limited and highly targeted’ cyberattack on South
According to Kaspersky Labs, this is the first time a hack can be attributed to a North Korean agency.
A series of hacks targeting South Korean think tanks, as well as the website for the country’s Ministry of Unification, has been traced to North Korea.
According to Kaspersky Labs, a Russian security firm, this is the first time a hack can be attributed to a North Korean agency.
The hacking campaign, called “Kimsuky,” is “limited and highly targeted,” Kaspersky said in a blog post. The hackers targeted 11 organizations based in South Korea and two entities in China. They included the Sejong Institute, the Korea Institute For Defense Analysis, Hyundai Merchant Marine, and the Supporters of Korean Unification.
The Kimsuky trojan enables keystroke logging, directory listing collection, remote control access, and HWP document theft. The attackers are reportedly using a modified version of the TeamViewer remote access application as a backdoor to hijack files from any machines they are able to infect.
In addition to the targets, which include governmental departments and other organizations devoted to the reunification of the two Koreas, the North Korean origin of the malware and hackers can be inferred, according to Kaspersky, from the fact that the compilation path string contains Korean words and that two email addresses used by bots (to send reports on status and transmit infected system information via attachments) are registered with names that indicate a North Korean origin. Also, the 10 source IP addresses of the hackers come from the Chinese provinces that lie along the North Korean border.
Although it is not certain, it is believed that the initial infections were accomplished through spearphishing attacks.
Curt Hopkins has over two decades of experience as a journalist, editorial strategist, and social media manager. His work has been published by Ars Technica, Reuters, Los Angeles Times, and San Francisco Chronicle. He is the also founding director of the Committee to Protect Bloggers, the first organization devoted to global free speech rights for bloggers