North Korea launched a new cyber attack against the South, according to the Government of Seoul a massive data breach exposed data belonging to an Internet shopping mall.
This week, authorities in South Korea accused the North to have compromised the website of the Interpark internet shopping mall exposing personal data of more than 10 million online shoppers.
The South Korea’s National Police Agency published an official statement that accuses the North Korea’s General Bureau of Reconnaissance for the hack.
The IT staff at the Interpark confirmed the incident, it discovered the attack on July 11 when the hackers demanded 3 billion won worth of Bitcoin.
“On July 11, Interpark became aware that some of our users’ information had been stolen by a hacker group through an advanced persistent threat attack, and reported the hack to the police the next day,” said an official statement on the company’s website.”
The authorities believe that the company servers have been breached on May by an “advanced persistent threat attack” and alerted authorities the following day.
“The hackers first gained access to an employee’s computer, and identified email patterns that were familiar to the employee before sending an email that contained the malware [and] opening a back door, which is why the employee was fooled,” a spokesperson told the Korea Herald.
The hacker remained inside the Interpark systems for a long time in order to continuously steal data.
Why the North Korea?
The South Korean police discovered that the addresses involved in the attack are linked to Pyongyang.
“Following an investigation, the National Police Agency said in a statement Thursday that IP addresses involved in the hack as well as the specific language used by the attackers suggests North Korean spies were responsible.”
(Security Affairs – North Korea, hacking)