Police Identify Lazarus Group Behind Inisafe Hacking... No Additional Financial Damage Reported
61 Institutions and 10 Million PCs Exposed to Hacking Attacks
No Additional Data Leaks or Financial Damage Reported
The National Police Agency's National Investigation Headquarters announced on the 18th that, as a result of investigating the cyberattack incident exploiting vulnerabilities in financial security authentication software, it was confirmed that the Lazarus hacking group, backed by North Korea's Reconnaissance General Bureau, was responsible. The National Police Agency made this announcement after analyzing watering hole tactics and malware similarities.
Lazarus is a North Korean hacking group known to be involved in incidents such as the 2014 U.S. Sony Pictures hacking case and the 2016 Bangladesh Central Bank hacking case. The government designated the Lazarus hacking group as a target of independent sanctions against North Korea in the cyber sector in February this year.
North Korea exploited vulnerabilities in 'Inisafe,' financial security authentication software developed by Initech, a financial and security specialist company under the KT Group, to carry out hacking attacks including PC hacking and malware distribution.
According to the police investigation, North Korea hacked a domestic financial security authentication company in April 2021, identified vulnerabilities, and meticulously prepared attack infrastructure such as web servers and command-and-control relay points for long-term use in attacks.
The police reported that a total of 61 institutions were hacked, including 8 media outlets, 4 medical and bio institutions, 3 defense-related organizations, 3 national public institutions, and 43 private companies. Considering the domestic market share of the software, it is reported that 10 million PCs were exposed to hacking threats. However, they stated that no additional damage such as leakage of specific data or actual monetary theft occurred.
Hot Picks Today
!["Stock Set to Double: This Company Smiles Every Time a Data Center Is Built [Click e-Stock]"](https://cwcontent.asiae.co.kr/asiaresize/93/2026050416112750184_1777878687.jpg)
"Stock Set to Double: This Company Smiles Every...
- "Is Yours Just Gathering Dust at Home? Millennials & Gen Z Rediscover Digicams O...
- "Continuous Groundwater Pumping Causes Mexico City to Sink 24cm Annually... 'Gia...
- "I Take Full Responsibility"... Seongjae Ahn Issues Direct Apology for 'Wine Swi...
- “She Shouted, ‘The Rope Isn’t Tied!’... Chinese Woman Falls from 168m Cliff ...
The police stated that this case was identified and blocked through joint efforts with related agencies in response to a large-scale cyberattack. A National Police Agency official said, "It is significant that we obtained intelligence and uncovered the criminal facts," adding, "We plan to continue investigations into international cooperative investigations regarding overseas attacks and victims confirmed in this case, as well as the possibility of additional damage cases and similar hacking attempts."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
