N. Korean hackers suspected of continuing attacks amid friendly inter-Korean relations

SEOUL, July 5 (Yonhap) -- North Korean hackers are suspected of carrying out cyber attacks aimed at raising profits and collecting data despite warm relations between the two Koreas, security experts here said Thursday.

According to security sources, North Korea has not desisted from attacking South Korean organizations even though Seoul and Pyongyang agreed to stop hostile acts against each other after the landmark summit held in late April.

A North Korea-based hacking group, dubbed "Hidden Cobra," recently infected local hospitals and manufacturing firms with malicious codes, cyber security sources said. The group is also presumed to have attacked financial and media companies around the globe to collect data.

ESTsecurity Corp., a local security firm, said Wednesday a hacking group is sending out e-mails disguised as a South Korean governmental agency carrying out research on separated families of the two Koreas. The email can infect the computer with advanced persistent threat (APT) attacks.

The company said it also found traces of Russian codes in the attack, but it is believed to be a "false flag" intended to deceive investigators.

"If previous attacks focused on stealing server information, (hackers, presumed to be North Korean,) are recently centering on collecting information from corporate and personal computers," an official from SK InfoSec said.

Local cyber security firms, however, are refraining from openly announcing attacks from North Korea considering Seoul's latest push for peaceful reconciliation, industry watchers said.

"Judging solely by latest actions by North Korean hackers, it seems that cyber space is excluded from the agreement on ending hostile acts," another security expert claimed.

colin@yna.co.kr
(END)