외교안보 학술회의 토론 주제 사칭한 北 연계 해킹 공격 주의!
2022-12-02 • ESTSecurity • North Korea-linked hacking attack impersonates diplomacy and security academic conference discussion topics •
ESRC reports a North Korea-linked spear-phishing operation targeting diplomacy, security, and unification specialists with academic-conference discussion and paper-request lures. The operators first sent benign-looking emails, then followed up only with responsive targets, delivering double-extension LNK files disguised as PDFs that invoked mshta.exe to contact attacker infrastructure.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| DOMAIN | ark6835.scienceontheweb.net | 2022-12-02 | 2022-12-02 |
| DOMAIN | cimoon.scienceontheweb.net | 2022-12-02 | 2022-12-02 |