Researchers find cyberattacks exploited ‘social trust’ between victims, but disagree on threat group attribution
A bold new North Korean cyberattack campaign targeting human rights activists has combined a previously undiscovered malware strain with new tactics that remotely wipe mobile phones, according to cybersecurity researchers.
In a report published Monday, South Korean cybersecurity firm Genians linked the recent campaign, in which attackers hijacked a North Korean defector-activist’s messenger account, to the Pyongyang-backed group Konni. The group shares digital infrastructure and tactics with Kimsuky, a North Korean threat actor known for its cyberespionage campaigns targeting South Korea.
The group initially compromised the computers of defector Kim Eun-ju and other victims
© Korea Risk Group. All rights reserved.
No part of this content may be reproduced, distributed, or used for
commercial purposes without prior written permission from Korea Risk
Group.
