Although many think that North Korea is a dormant volcano ready to explode, it’s quite hard to believe that the country hosts a number of competent software developers and programmers.
This week, a group of North Korean hackers were able to send a phishing email to the South Korean customers of a crypto exchange called UpBit. According to South Korean ESRC Center, the mail contained information that UpBit wanted to get information about sweepstakes payouts for tax purposes.
There have been no reports about damage yet, but it’s believed that a number of traders opened the file, which contained malicious code. In more detail, it contained a program that would give the hackers remote access to the victim’s computer and all of the information about crypto exchange login credentials and browsing history.
The hackers made one clever move by putting a password on the malicious program, which was “UPBIT”, therefore the antivirus systems of most users could not detect them.
The East Security reports that this is not the first time they’ve experienced a phishing attack on a financial platform, but it’s a first for cryptocurrency. According to Mun Chong Hyun, the head of the ESRC Center, hack attacks with tactics exactly like these were made against South Korean journalists as well as government agencies.
It’s too early to talk about whether or not this attack was government sanctioned, but the evidence is leading to it being the case. There are no freelance hackers in North Korea, and definitely no individuals with access to the internet without the government’s consent. However, this predicament has not been discussed by the South Koreans with their northern neighbours.