North Korean hackers steal ex-intelligence official’s emails in malware attack



News North Korean hackers steal ex-intelligence official’s emails in malware attack DPRK-linked ScarCruft group sends novel malware to journalist after gaining access to former director’s emails Nils Weisensee April 1, 2022 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON Cybersecurity firm Stairwell's analysis of the novel malware GOLDBACKDOOR that was sent to an NK News journalist \| Image: NK News Hackers linked to North Korea appear to have broken into the private computer of a former South Korean intelligence official as part of an effort to target journalists with a previously unknown type of malware, an NK News investigation with cybersecurity firm Stairwell revealed. After gaining access to the email account of a former director at South Korea’s National Intelligence Service (NIS), the attackers copied the content of past conversations with the official to send spoofed emails from a similar-looking address — [email protected] — to NK News founder Chad O’Carroll. The tactic allowed the hackers to avoid using the intelligence official’s real email account to send emails and risk detection, while making the malicious lures more believable. Hackers linked to North Korea appear to have broken into the private computer of a former South Korean intelligence official as part of an effort to target journalists with a previously unknown type of malware, an NK News investigation with cybersecurity firm Stairwell revealed. After gaining access to the email account of a former director at South Korea’s National Intelligence Service (NIS), the attackers copied the content of past conversations with the official to send spoofed emails from a similar-looking address — [email protected] — to NK News founder Chad O’Carroll. The tactic allowed the hackers to avoid using the intelligence official’s real email account to send emails and risk detection, while making the malicious lures more believable. Try unlimited access Only $1 for four weeks Unlimited access to all of NK News: reporting, investigations, analysis Year-one discount if you continue past $1 trial period The NK News Daily Update, an email newsletter to keep you in the loop Searchable archive of all content, photo galleries, special columns Contact NK News reporters with tips or requests for reporting Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts. Subscribe now All major cards accepted. No commitments – you can cancel any time. © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. Get the Daily Update Start your day with the North Korea stories that matter most – as selected by And how should we address you in correspondence? One more step! Please check your inbox, for an email we just sent you, and click on the confirmation message in it to get subscribed to our Daily News Update. Trending

News

North Korean hackers steal ex-intelligence official’s emails in malware attack

DPRK-linked ScarCruft group sends novel malware to journalist after gaining access to former director’s emails

Nils Weisensee April 1, 2022

North Korean hackers steal ex-intelligence official’s emails in malware attack

Cybersecurity firm Stairwell's analysis of the novel malware GOLDBACKDOOR that was sent to an NK News journalist | Image: NK News

Hackers linked to North Korea appear to have broken into the private computer of a former South Korean intelligence official as part of an effort to target journalists with a previously unknown type of malware, an NK News investigation with cybersecurity firm Stairwell revealed.

After gaining access to the email account of a former director at South Korea’s National Intelligence Service (NIS), the attackers copied the content of past conversations with the official to send spoofed emails from a similar-looking address — [email protected] — to NK News founder Chad O’Carroll. The tactic allowed the hackers to avoid using the intelligence official’s real email account to send emails and risk detection, while making the malicious lures more believable.

Try unlimited access
Only $1 for four weeks

Unlimited access to all of NK News: reporting, investigations, analysis
Year-one discount if you continue past $1 trial period
The NK News Daily Update, an email newsletter to keep you in the loop
Searchable archive of all content, photo galleries, special columns
Contact NK News reporters with tips or requests for reporting

Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts.

Subscribe now

All major cards accepted. No commitments – you can cancel any time.

North Korean hackers steal ex-intelligence official’s emails in malware attack

Try unlimited accessOnly $1 for four weeks

Start your day with the North Korea stories that matter most –

as selected by <img width="226" height="50" class="logo" src="https://www.nknews.org/wp-content/themes/nknews/images/header-logo.png" alt="NK News Logo">

One more step!

Trending

Recent Stories

About the Author

Nils Weisensee

Try unlimited access
Only $1 for four weeks

Start your day with
the North Korea stories that matter most –

as selected by