North Korea launched a new cyber attack against the South, according to the Government of Seoul a massive data breach exposed data belonging to an Internet shopping mall.
This week, authorities in South Korea accused the North to have compromised the website of the Interpark internet shopping mall exposing personal data of more than 10 million online shoppers.
The South Korea’s National Police Agency published an official statement that accuses the North Korea’s General Bureau of Reconnaissance for the hack.
The IT staff at the Interpark confirmed the incident, it discovered the attack on July 11 when the hackers demanded 3 billion won worth of Bitcoin.
“On July 11, Interpark became aware that some of our users’ information had been stolen by a hacker group through an advanced persistent threat attack, and reported the hack to the police the next day,” said an official statement on the company’s website.”
The authorities believe that the company servers have been breached on May by an “advanced persistent threat attack” and alerted authorities the following day.
“The hackers first gained access to an employee’s computer, and identified email patterns that were familiar to the employee before sending an email that contained the malware [and] opening a back door, which is why the employee was fooled,” a spokesperson told the Korea Herald.
The hacker remained inside the Interpark systems for a long time in order to continuously steal data.
Why the North Korea?
The South Korean police discovered that the addresses involved in the attack are linked to Pyongyang.
“Following an investigation, the National Police Agency said in a statement Thursday that IP addresses involved in the hack as well as the specific language used by the attackers suggests North Korean spies were responsible.”
(Security Affairs – North Korea, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.