"Offering 300 Million KRW Annual Salary" Samsung Recruitment Email Revealed as Fake Job Opportunity Sent by North Korean Hackers
![North Korean hackers are attempting to hack by sending malicious emails pretending to be Samsung employees, Google warned. <br>[Photo by The Guardian, UK]](http://www.asiae.co.kr/news/img_view.htm?img=2021112713470538755_1637988424.jpeg)
North Korean hackers are attempting to hack by sending malicious emails pretending to be Samsung employees, Google warned.
[Photo by The Guardian, UK]
[Asia Economy Reporter Hwang Sumi] Google has warned that North Korean hackers are attempting to hack by sending malicious emails pretending to be Samsung employees.
On the 25th (local time), according to the UK Guardian, Google's cybersecurity team guided hacking trends targeting customers using Google's cloud computing services in the recently published November issue of 'Threat Horizon.'
Google revealed that a hacking group sponsored by the North Korean government sent fake recruitment guidance emails to employees of several Korean information security companies selling anti-malware software, impersonating Samsung's recruitment officers.
These hackers sent emails containing job offers to recipients and induced them to download an attachment said to contain a job description.
In the example email disclosed by Google, the hackers disguised themselves as Samsung's 'New Business Development Team' and requested, "Please check the document below regarding your experience and briefly fill out the form," attaching a job description PDF file.
The hackers offered an annual salary of up to 300 million won to entice recipients to open the attachment. However, Google explained that these files did not open in standard PDF reader programs.
If the recipient replied that the 'file does not open,' the hackers sent a malicious link leading to a 'secure PDF reader' within Google Drive. Clicking the link installs malicious software on the user's computer that can execute arbitrary commands.
Additionally, Google explained that a hacking group sponsored by the Russian government sent phishing emails to about 12,000 Gmail accounts mainly in the United States, the United Kingdom, and India, but Google blocked the emails, preventing any information leakage.
Google also analyzed that 86% of the cloud computing resources obtained through these attacks were used for cryptocurrency mining.
Meanwhile, Google stated that the North Korean hackers who carried out this attack are the same group as those recently active on social media platforms such as Twitter.
In January, Google's 'Threat Analysis Group' reported that North Korean hackers disguised themselves as cybersecurity experts on Twitter and other platforms to approach other researchers.
Hot Picks Today
"Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Not Jealous of Winning the Lottery"... Entire Village Stunned as 200 Million Won Jackpot of Wild Ginseng Cluster Discovered at Jirisan
- "Jeong Yu-kyung Is a Neighbor"...Itaewon Standalone House with Record 23.2 Billion Won Appraisal Up for Auction [Real Estate AtoZ]
- "How Did an Employee Who Loved Samsung End Up Like This?"... Past Video of Samsung Electronics Union Chairman Resurfaces
- "Even With a 90 Million Won Salary and Bonuses, It Doesn’t Feel Like Much"... A Latecomer Rookie Who Beat 70 to 1 Odds [Scientists Are Disappearing] ③
At that time, the North Korean hackers proposed joint research to their targets and sent malicious programs; if the researchers ran these programs, they became infected with malware.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
