한미연합연습 노린 북 ‘김수키’ 소행 사이버 공격 확인

2023-08-20 • KRNPA • Cyber attack confirmed to be carried out by North Korea's ‘Kim Suki' targeting ROK-U.S. joint exercises •

https://police.go.kr/user/bbs/BD_selectBbs.do?q_bbsCode=1002&q_bbscttSn=20230821091828305&q_tab=&q_searchKeyTy=&q_searchVal=&q_rowPerPage=10&q_currPage=1&q_sortName=&q_sortOrder=&

#News #Kimsuky

Attachments

230821조간용_한미연합연습_노린_북_김수키_소행_사이버_고_0ofdxHu.pdf (339 KB)

Thumbnail for 한미연합연습 노린 북 ‘김수키’ 소행 사이버 공격 확인

South Korean police attributed a malicious email campaign targeting personnel assigned to South Korea-U.S. joint military exercises to Kimsuky. Investigators said the group had persistently targeted a domestic war-game operations company since April 2022, compromised an employee mailbox in January, installed malware on company systems, and monitored work status and emails through remote access. The attackers then used stolen employee information to send tax-document-themed malicious emails to personnel assigned to the combined exercise simulation room; military network defenses blocked the malware, but some external personal PCs were infected after forwarded messages were opened.