보도자료231107.hwp (14 MB)

South Korea’s National Intelligence Service warned that North Korean hackers continued exploiting vulnerabilities in MagicLine4NX, a certificate-authentication program used by public, financial, and other Korean websites. The notice says the Reconnaissance General Bureau previously abused the software to compromise more than 50 public-sector, media, defense, and IT organizations, and that unpatched systems at some media outlets and institutions could still serve as hacking entry points. NIS said it detected attempts to rebuild attack infrastructure through vulnerable sites and urged rapid updates or removal of old versions. The agency also coordinated with MSIT, KISA, the Financial Security Institute, AhnLab, Hauri, ESTsecurity, and Dream Security to detect and delete enterprise installations of MagicLine4NX version 1.0.0.26 and below.