October 27, 2021

Hackers infect DailyNK website with malware to spy on readers

Cybersecurity firm links attack to North Korean group, with expert warning site still vulnerable to similar breaches

For at least two months, hackers linked to North Korea have been attacking readers of the DailyNK website with custom malware capable of stealing files and passwords, cybersecurity firm Volexity revealed in a report on Tuesday. 

The attack used two known vulnerabilities in Microsoft’s Internet Explorer and Edge web browsers to install malware dubbed “Bluelight,” according to the researchers. Once launched, the malicious software reportedly takes frequent screenshots, copies files, steals passwords and shares details about the victim’s computer with the hackers.