Saturday, November 16, 2024
Homecyber securityNorth Korean Hackers Hijacked Military Officials Personal Email

North Korean Hackers Hijacked Military Officials Personal Email

Published on

North Korean hacking groups are suspected of hijacking the personal email accounts of high-ranking military officials.

The Defense Ministry confirmed that a joint investigation is underway, involving both the police and military police.

A dedicated task force has been established to address the issue, underscoring the gravity of the situation.

- Advertisement - SIEM as a Service

ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service

According to the KoreanHerald report, Ministry spokesperson Jeon Ha-kyu emphasized that the compromised email accounts were private and unrelated to official work duties.

To mitigate further damage, the ministry has notified those affected and implemented additional security measures, including two-factor authentication and comprehensive antivirus checks.

Scope of the Attack and Ongoing Investigation

Local media reports suggest that around 100 personal email accounts were targeted, including those of general-level military officials and senior figures at the Defense Ministry and the Joint Chiefs of Staff.

However, Jeon refuted these claims, stating that the numbers had been exaggerated.

The police are in the early stages of their investigation, and specific details regarding the extent of the damage remain unconfirmed.

This incident marks the first time a hack has targeted such a large number of senior military figures.

Authorities are considering the possibility that the attack was carried out by one of North Korea’s state-sponsored hacking groups, such as Lazarus, Andariel, or Kimsuky.

The National Intelligence Service has reported that 80 percent of cyberattacks targeting public institutions can be traced back to North Korea.

In 2023 alone, South Korea experienced an average of over 1.62 million cyberattack attempts daily in the public sector.

In a related incident, the Police Agency revealed on May 15 that the North Korean hacking group Lazarus was responsible for a cyberattack on South Korea’s top court’s online network.

This attack leaked 1,014 gigabytes of highly sensitive information from June 2021 to January 2023.

As the investigation continues, the military and police are working diligently to uncover the full scope of the breach and prevent future incidents.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...