September 24, 2023

North Korean hackers steal ex-intelligence official’s emails in malware attack

DPRK-linked ScarCruft group sends novel malware to journalist after gaining access to former director’s emails

Hackers linked to North Korea appear to have broken into the private computer of a former South Korean intelligence official as part of an effort to target journalists with a previously unknown type of malware, an NK News investigation with cybersecurity firm Stairwell revealed. 

After gaining access to the email account of a former director at South Korea’s National Intelligence Service (NIS), the attackers copied the content of past conversations with the official to send spoofed emails from a similar-looking address — [email protected] — to NK News founder Chad O’Carroll. The tactic allowed the hackers to avoid sending emails from the intelligence official’s real account, which would have risked detection, while making the malicious lures more believable.