May 25, 2024

DPRK-attributed malware attack uses ROK government certificate to trick victims

Code reportedly designed by North Korean “Kimsuky” group installs trojan to steal information from infected computers

North Korean hackers have used stolen residential details of a former South Korean government official to spread malware and gain access to their victims' computers, security researchers in Seoul told NK News.

“We are 100% sure the ‘Kimsuky’ group was behind this attack," Director at ESTsecurity Mun Chong Hyun said, referring to a group of hackers that has previously been linked to North Korea and had carried out similar attacks in November and January last year. 

Become a member for less than $4 per week.

  • Unlimited access to all of NK News: reporting, investigations, analysis
  • The NK News Daily Update, an email newsletter to keep you in the loop
  • Searchable archive of all content, photo galleries, special columns
  • Contact NK News reporters with tips or requests for reporting
Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts.
Subscribe now

All major cards accepted. No commitments – you can cancel any time.