"North Korean Hacking Group Targets Diplomacy and Security Experts... Beware of PDF Files"
A portion of the screen displayed when a malicious PDF document is executed. Provided by East Security.
View original image[Asia Economy Reporter Buaeri] Security company ESTsecurity warned on the 3rd about advanced persistent threat (APT) attacks using malicious PDF document files in South Korea.
According to ESTsecurity Security Response Center (ESRC), the newly discovered PDF file vulnerability attacks have been confirmed to be used in hacking attacks targeting current and former personnel in the fields of diplomacy, security, defense, and unification in South Korea since May.
After an in-depth analysis of the techniques and strategies used in this PDF vulnerability attack, ESRC identified the hacking group known as ‘Thallium,’ linked to North Korea, as the threat actor behind it.
This group had mainly exploited the macro function of MS Word document files (DOC, DOCX) for infection methods until recently, but it is estimated that they have recently attempted to shift to techniques exploiting PDF vulnerabilities.
The ‘Thallium’ group has continuously attempted hacking attacks targeting current and former high-ranking government officials at the vice minister level and above in South Korea. In fact, during the 2021 South Korea-US summit, it was confirmed that they attempted hacking attacks using DOC documents targeting experts in diplomacy, security, unification, and North Korea-related fields.
ESTsecurity has completed an urgent update to enable detection of the newly discovered malicious files through its antivirus program ALYac, and is closely coordinating response measures with relevant government agencies to prevent further damage.
Hot Picks Today
!["Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①](https://cwcontent.asiae.co.kr/asiaresize/93/2026051914165468840_1779167814.png)
"Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①
- "Not Jealous of Winning the Lottery"... Entire Village Stunned as 200 Million Won Jackpot of Wild Ginseng Cluster Discovered at Jirisan
- "I'll Stop by Starbucks Tomorrow": People Power Chungbuk Committee and Geoje Mayoral Candidate Face Criticism for Alleged 5·18 Demeaning Remarks
- SungSook Han: “Linking Support for Small Business Owners During Suspension or Closure With Psychological Recovery Systems”
- "How Did an Employee Who Loved Samsung End Up Like This?"... Past Video of Samsung Electronics Union Chairman Resurfaces
Moon Jonghyun, director of ESTsecurity ESRC, urged, "Along with the previously prevalent DOC malicious document forms, attacks exploiting PDF vulnerabilities are also increasing, so careful attention and preparation are required when receiving PDF files via email."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
