
N.K. hacking group monitored ex-ministers' emails for months: police

North Korea 15:40 June 07, 2023

SEOUL, June 7 (Yonhap) -- A North Korean hacking group has secretly monitored emails of former South Korean Cabinet minister-level officials for months over the past year and stolen their personal information, police said Wednesday.

The North's hacking organization, identified as "Kimsuky," has been found to be behind a large number of phishing emails sent to the South's officials in the fields of diplomacy and security last year, the National Police Agency (NPA) said.

This photo provided by the National Police Agency shows a phishing email sent by North Korean hacking group Kimsuky to a South Korean official. (PHOTO NOT FOR SALE) (Yonhap)


The NPA said Kimsuky distributed malicious emails to 150 diplomacy and security experts from April to July last year to induce them to access its phishing sites. A total of nine people -- three former minister-level and vice minister-level officials, one incumbent government official, four academics and experts and one reporter -- were then confirmed to have accessed the North's phishing sites and had their account information stolen, it noted.

Kimsuky is said to have monitored the victims' email transmission and reception details in real time for four to nine months and stolen their attached documents and address directories, though there were no confidential materials among the stolen information, the NPA said.

Kimsuky is widely known for its 2014 hacking of Korea Hydro & Nuclear Power Co., a South Korean power generation agency. The Seoul government imposed unilateral sanctions on Kimsuky last Friday.

The NPA said it and the National Intelligence Service have identified Kimsuky as the culprit after analyzing about 5,800 phishing emails and confirming internet protocol addresses of the sources of the hacking attacks and the methods of establishing waypoints.

Kimsuky was found to have taken control of a total of 138 servers -- 36 in South Korea and 102 abroad -- by hacking and laundered internet protocol addresses before distributing the phishing emails, the agency said, adding it has identified a new four-step attack method of North Korean hacking organizations, including Kimsuky.

ycm@yna.co.kr
(END)
