비트코인거래소_해킹시도.hwp (522 KB)

South Korean authorities said an investigation confirmed North Korea was behind attempted attacks on domestic bitcoin exchanges between July and August 2017. The attackers sent ten spear-phishing emails with malicious attachments to 25 people connected to four exchanges, impersonating entities such as police, prosecutors, financial-security organizations, Seoul City, and Nonghyup. Investigators said no exchange PCs were confirmed infected and no bitcoin theft was identified, but assessed the intent as infecting employee systems to penetrate internal networks and steal cryptocurrency. Evidence cited in the excerpt included a North Korean access location used for email testing and relay or C2 server IP ranges matching those seen in the 2014 KHNP hack and 2016 Blue House impersonation email case.