DPRK-linked hackers targeted North Korean defectors in cyber attacks in recent weeks, South Korean cybersecurity firm ESTsecurity announced on Monday.

According to ESTsecurity, victims received emails containing a malware-laced questionnaire from an address pretending to originate from a legitimate, unification-related organization. The firm said the tactics are consistent with previous North Korean attacks.

The malicious code was hidden in a Hangul Word Processor file (HWP), a text file format used almost exclusively in South Korea. The .hwp file included a questionnaire about contemporary defector issues in South Korea, demonstrating a high level of sophistication and