Hackers linked to North Korea appear to have broken into the private computer of a former South Korean intelligence official as part of an effort to target journalists with a previously unknown type of malware, an NK News investigation with cybersecurity firm Stairwell revealed.
After gaining access to the email account of a former director at South Korea’s National Intelligence Service (NIS), the attackers copied the content of past conversations with the official to send spoofed emails from a similar-looking address — [email protected] — to NK News founder Chad O’Carroll. The tactic allowed the hackers to avoid using the intelligence official’s real email account to send emails and risk detection, while making the malicious lures more believable.
Hackers linked to North Korea appear to have broken into the private computer of a former South Korean intelligence official as part of an effort to target journalists with a previously unknown type of malware, an NK News investigation with cybersecurity firm Stairwell revealed.
After gaining access to the email account of a former director at South Korea’s National Intelligence Service (NIS), the attackers copied the content of past conversations with the official to send spoofed emails from a similar-looking address — [email protected] — to NK News founder Chad O’Carroll. The tactic allowed the hackers to avoid using the intelligence official’s real email account to send emails and risk detection, while making the malicious lures more believable.
Try unlimited access
Only $1 for four weeks
Unlimited access to all of NK News: reporting, investigations, analysis
Year-one discount if you continue past $1 trial period
The NK News Daily Update, an email newsletter to keep you in the loop
Searchable archive of all content, photo galleries, special columns
Contact NK News reporters with tips or requests for reporting
Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts.
Subscribe now
All major cards accepted. No commitments – you can cancel any time.