NIS Urges Caution Against North Korean Hacking Attacks Impersonating Domestic 'Portal Sites'
2023-05-25 • KRNIS
https://www.nis.go.kr:4016/resources/synap/skin/doc.html?fn=NIS_FILE_1684989401166
Attachments
보도자료230525.hwp (10 MB)
South Korea's National Intelligence Service warned that North Korean hacking groups were impersonating domestic portal sites such as Naver and Kakao/Daum in phishing emails. Based on 2020-2022 statistics, NIS said email-based attacks accounted for 74 percent of observed North Korean hacking methods against South Korean targets, ahead of vulnerability exploitation and watering-hole attacks. The advisory described victims losing years of mailbox contents, cloud-stored resumes, work files, and sensitive remote-work materials after opening messages that posed as portal administrators or password-leak alerts.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| EMAIL | [email protected] | 2023-05-25 | 2023-05-25 |
| EMAIL | [email protected] | 2023-05-25 | 2023-05-25 |
| EMAIL | [email protected] | 2023-05-25 | 2023-05-25 |
| EMAIL | [email protected] | 2023-05-25 | 2023-05-25 |
| DOMAIN | help.naveradmin.com | 2023-05-25 | 2023-05-25 |
| DOMAIN | help.navor.com | 2023-05-25 | 2023-05-25 |
| DOMAIN | navecorp.com | 2023-05-25 | 2023-05-25 |
| DOMAIN | kakaocrp.com | 2023-05-25 | 2023-05-25 |
| DOMAIN | kakaocrop.net | 2023-05-25 | 2023-05-25 |
| DOMAIN | sian.com | 2023-05-25 | 2023-05-25 |
| DOMAIN | daurn.net | 2023-01-13 | 2023-05-25 |
| DOMAIN | helpnaver.com | 2019-08-29 | 2023-05-25 |