Beware of 'Spear Phishing' Impersonating Special Advisor Moon Jeong-in... Suspected North Korean-Linked Hacker Activity
[Asia Economy Reporter Jin-gyu Lee] East Security announced on the 14th that a 'spear phishing' attack disguised as a seminar presentation file by Moon Jung-in, the President's Special Advisor on Unification, Diplomacy, and Security, was discovered stealing information from specific PCs.
Spear phishing is mainly carried out by embedding malware in emails from trusted accounts to extract information from specific individuals or companies.
The malicious document file discovered this time is titled 'Moon Jung-in President Unification Diplomacy Security Special Advisor US National Interest Center Seminar.doc'. When opening the file, a security warning appears at the top, accompanied by an English guide urging the user to click the 'Enable Content' button in the warning to view the document properly.
Clicking this installs additional malware from a specific server in Korea, collects various information such as the user's PC system information, recent execution history, and running program list, and waits for further commands from the attacker, effectively turning the PC into a so-called 'zombie PC'. In this case, the attacker can remotely control the PC to attempt additional malicious actions at any time, increasing the risk of secondary damage.
Hot Picks Today
"Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Not Jealous of Winning the Lottery"... Entire Village Stunned as 200 Million Won Jackpot of Wild Ginseng Cluster Discovered at Jirisan
- Bull Market End Signal? Securities Firm Warns: "Sell SK hynix 'At This Moment'"
- "Greater Impact on Women Than Men"... The 'Diet Trap' That Causes Sleepless Nights and Suffering
- "Even With a 90 Million Won Salary and Bonuses, It Doesn’t Feel Like Much"... A Latecomer Rookie Who Beat 70 to 1 Odds [Scientists Are Disappearing] ③
The group attempting this attack was analyzed by East Security as the hacking organization 'Kimsuky Group', which has been linked to North Korea. Jong-hyun Moon, Director of the Security Response Center at East Security, explained, "Most of the previous attacks, malware creation techniques, and attack styles of the Kimsuky group are identical, so it is presumed to be the work of this organization."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
