January 21, 2021

Hackers use fake media domains to trick North Korea researchers

Attackers impersonate reporters at Voice Of America to lure DPRK experts with legal documents out of Pyongyang
Nils Weisensee December 17, 2020
SHARE
Nils Weisensee December 17, 2020
Image: NK News | North Koreans using a computer in Pyongyang

In a fresh attempt to steal passwords from researchers working on North Korea, hackers have registered domains that resemble web addresses from legitimate media organizations in order to send highly targeted emails to selected victims. 

An email obtained and analyzed by NK News on Thursday was sent from VOAKoreas.com — a domain that was registered less than four months ago and is not affiliated with Voice Of America (VOA). The email had a subject line of “[VOA Media] Inquiry” and claimed to come from VOA anchor Eunjung Cho.

Recent Stories

North Korean hackers steal corporate files in attacks against European firms
After major Russian spy hacks, US says North Korea is an even stronger threat
North Korea enters ‘age of smartphones’ with hit games on taekwondo, badminton

About the Author

Nils Weisensee

Nils Weisensee is Director of News Operations at the Korea Risk Group and covers cyber security for NK News. Prior to that he worked as head of operations at the Choson Exchange NGO and as a reporter for DAPD and the Associated Press.

View more articles by Nils Weisensee
© 2021, Korea Risk Group (NK Consulting Inc.). All Rights Reserved