North Korea-Linked Hacking Group Poses as Samsung Cloud for Email Phishing
[Asia Economy Reporter Bu Aeri] A hacking group presumed to be from North Korea, 'Thallium,' has been found to have conducted email phishing attacks targeting individuals working in North Korea-related fields by impersonating Samsung Cloud.
Security company ESTsecurity announced on the 25th that it discovered an email phishing attack targeting individuals in North Korea-related fields by impersonating a major domestic corporation.
This attack used a method of sending meticulously crafted malicious emails to specific individuals in North Korea-related fields, making it appear as if they were sent from the 'Samsung Cloud Service.'
The email body included a notice stating that the use of the Samsung Cloud Service gallery was confirmed, along with emphasized text showing 'Frequently Asked Questions.' Clicking this text connects to a malicious URL pre-set by the attacker.
ESTsecurity confirmed that the IP address range used in this attack matches the activity range of the hacking group 'Thallium.'
Thallium is an organization that focuses attacks on domestic defense contractors, individuals working in North Korea research fields, defectors from North Korea, and journalists covering North Korea. Although the exact scale and existence are not precisely known, the industry views it as being backed by North Korea.
Hot Picks Today
"Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Contracts Signed Without Viewing at 1.6 Billion Won"... Jamsil and Seongbuk Jeonse Prices Jump 200 Million Won in a Month [Real Estate AtoZ]
- [Breaking] Blue House expresses "deep regret over Samsung negotiation breakdown... urges both sides to do their best for a final agreement"
- "Don't Throw Away Coffee Grounds" Transformed into 'High-Grade Fuel' in Just 90 Seconds [Reading Science]
- "Even With a 90 Million Won Salary and Bonuses, It Doesn’t Feel Like Much"... A Latecomer Rookie Who Beat 70 to 1 Odds [Scientists Are Disappearing] ③
Moon Jonghyun, head of the ESRC Center at ESTsecurity, stated, "The Thallium group, known to be linked to a specific government, is conducting cyber espionage almost daily against domestic activists in North Korea-related fields, raising the level of threat," and added, "Since Thallium's attack methods are becoming increasingly diverse and sophisticated, special caution is required."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
