February 05, 2023
NK News Logo
Analysis

North Korean hackers likely used new vulnerability to breach ROK defense firm

Researchers link attacks against South Korean aerospace and nuclear research sectors to DPRK, warn of further breaches 
Nils Weisensee July 1, 2021
North Korean hackers likely used new vulnerability to breach ROK defense firm
SHARE
NK News (file photo)

After a series of hacks against South Korea’s nuclear research and defense sectors, the cybersecurity firm TeamT5 said a group linked to North Korea likely used a previously unknown vulnerability and new malicious tools to break into the highly sensitive systems.

According to a report published on Wednesday, researchers said they believe a group labelled “CloudDragon” used a so-called zero-day exploit called MemzipRAT to install a backdoor and gain access to the organizations’ networks. The experts consider CloudDragon to be one of two sub-groups commonly referred to as Kimsuky, which has long been suspected of working on behalf of the DPRK.

Join the NK Pro team

Join Korea Pro and Get Smart About South Korea

Recent Stories

US, ROK hold second joint air drills in a week against North Korean threat
US, ROK hold second joint air drills in a week against North Korean threat
Nicaraguan leader defends North Korea’s right to nuclear weapons
Nicaraguan leader defends North Korea’s right to nuclear weapons
Seoul seeks divided Security Council’s support on North Korean nuclear threat
Seoul seeks divided Security Council’s support on North Korean nuclear threat

About the Author

Nils Weisensee

Nils Weisensee

Nils Weisensee is Director of News Operations at Korea Risk Group and covers cybersecurity for NK Pro. He previously founded information security firm Frontier Intelligence, served as head of operations at non-profit Choson Exchange, and was a reporter for DAPD and the Associated Press.

View more articles by Nils WeisenseeEMAILTwitterLinkedinGot a news tip?Let us know!
© 2023, Korea Risk Group (NK Consulting Inc.). All Rights Reserved