NK hackers behind martial law email
입력 2025.04.16 (01:59)
읽어주기 기능은 크롬기반의
브라우저에서만 사용하실 수 있습니다.
[Anchor]
Since the declaration of emergency martial law last year, emails titled "Disclosure of Martial Law Documents" have been sent randomly.
The police tracked this suspicious email and found it to be a phishing email distributed by a North Korean hacker organization.
Reporter Shin Ji-soo has the story.
[Report]
This email was distributed a week after the declaration of emergency martial law on December 3.
It was a phishing email with the subject "Disclosure of Counterintelligence Martial Law Documents," which executed malicious software when the attached file was downloaded.
The police, who have been tracking the sender, concluded that it was the work of a North Korean hacker organization.
This conclusion was drawn because the same domain used in past North Korean cyber attacks was employed, and the IP address was confirmed to be from a region in China bordering North Korea.
Additionally, there were numerous instances of North Korean-style language usage found in internet search records, such as using "페지" instead of "페이지" and "기동" instead of "시동."
[Kim Young-hee/Visiting Researcher, North Korea Studies Institute, Dongguk University: "In South Korea, we say '페이지,' but in North Korea, they say '페지.' When referring to operating machines, they often use the term '기동.'"]
They also sent many phishing emails with subjects that would attract people's interest, such as tax refunds or today's fortune, which linked to fake sites asking for IDs and passwords when the 'shortcut' was clicked.
These were cleverly altered forms of major portal site addresses, making them easy to mistake for the real sites.
[Kim Young-woon/Head of Cyber Terror Investigation Division, National Office of Investigation: "(The phishing site) appears to be a normal site at first glance. If you access the phishing page and enter your information, that information is separately stolen."]
The police estimate that the North Korean hacker organization sent 120,000 emails to 17,000 people over two months starting in November last year, stealing personal information from 120 individuals.
This is KBS News, Shin Ji-soo.
Since the declaration of emergency martial law last year, emails titled "Disclosure of Martial Law Documents" have been sent randomly.
The police tracked this suspicious email and found it to be a phishing email distributed by a North Korean hacker organization.
Reporter Shin Ji-soo has the story.
[Report]
This email was distributed a week after the declaration of emergency martial law on December 3.
It was a phishing email with the subject "Disclosure of Counterintelligence Martial Law Documents," which executed malicious software when the attached file was downloaded.
The police, who have been tracking the sender, concluded that it was the work of a North Korean hacker organization.
This conclusion was drawn because the same domain used in past North Korean cyber attacks was employed, and the IP address was confirmed to be from a region in China bordering North Korea.
Additionally, there were numerous instances of North Korean-style language usage found in internet search records, such as using "페지" instead of "페이지" and "기동" instead of "시동."
[Kim Young-hee/Visiting Researcher, North Korea Studies Institute, Dongguk University: "In South Korea, we say '페이지,' but in North Korea, they say '페지.' When referring to operating machines, they often use the term '기동.'"]
They also sent many phishing emails with subjects that would attract people's interest, such as tax refunds or today's fortune, which linked to fake sites asking for IDs and passwords when the 'shortcut' was clicked.
These were cleverly altered forms of major portal site addresses, making them easy to mistake for the real sites.
[Kim Young-woon/Head of Cyber Terror Investigation Division, National Office of Investigation: "(The phishing site) appears to be a normal site at first glance. If you access the phishing page and enter your information, that information is separately stolen."]
The police estimate that the North Korean hacker organization sent 120,000 emails to 17,000 people over two months starting in November last year, stealing personal information from 120 individuals.
This is KBS News, Shin Ji-soo.
■ 제보하기
▷ 카카오톡 : 'KBS제보' 검색, 채널 추가
▷ 전화 : 02-781-1234, 4444
▷ 이메일 : kbs1234@kbs.co.kr
▷ 유튜브, 네이버, 카카오에서도 KBS뉴스를 구독해주세요!
- NK hackers behind martial law email
-
- 입력 2025-04-16 01:59:17
[Anchor]
Since the declaration of emergency martial law last year, emails titled "Disclosure of Martial Law Documents" have been sent randomly.
The police tracked this suspicious email and found it to be a phishing email distributed by a North Korean hacker organization.
Reporter Shin Ji-soo has the story.
[Report]
This email was distributed a week after the declaration of emergency martial law on December 3.
It was a phishing email with the subject "Disclosure of Counterintelligence Martial Law Documents," which executed malicious software when the attached file was downloaded.
The police, who have been tracking the sender, concluded that it was the work of a North Korean hacker organization.
This conclusion was drawn because the same domain used in past North Korean cyber attacks was employed, and the IP address was confirmed to be from a region in China bordering North Korea.
Additionally, there were numerous instances of North Korean-style language usage found in internet search records, such as using "페지" instead of "페이지" and "기동" instead of "시동."
[Kim Young-hee/Visiting Researcher, North Korea Studies Institute, Dongguk University: "In South Korea, we say '페이지,' but in North Korea, they say '페지.' When referring to operating machines, they often use the term '기동.'"]
They also sent many phishing emails with subjects that would attract people's interest, such as tax refunds or today's fortune, which linked to fake sites asking for IDs and passwords when the 'shortcut' was clicked.
These were cleverly altered forms of major portal site addresses, making them easy to mistake for the real sites.
[Kim Young-woon/Head of Cyber Terror Investigation Division, National Office of Investigation: "(The phishing site) appears to be a normal site at first glance. If you access the phishing page and enter your information, that information is separately stolen."]
The police estimate that the North Korean hacker organization sent 120,000 emails to 17,000 people over two months starting in November last year, stealing personal information from 120 individuals.
This is KBS News, Shin Ji-soo.
Since the declaration of emergency martial law last year, emails titled "Disclosure of Martial Law Documents" have been sent randomly.
The police tracked this suspicious email and found it to be a phishing email distributed by a North Korean hacker organization.
Reporter Shin Ji-soo has the story.
[Report]
This email was distributed a week after the declaration of emergency martial law on December 3.
It was a phishing email with the subject "Disclosure of Counterintelligence Martial Law Documents," which executed malicious software when the attached file was downloaded.
The police, who have been tracking the sender, concluded that it was the work of a North Korean hacker organization.
This conclusion was drawn because the same domain used in past North Korean cyber attacks was employed, and the IP address was confirmed to be from a region in China bordering North Korea.
Additionally, there were numerous instances of North Korean-style language usage found in internet search records, such as using "페지" instead of "페이지" and "기동" instead of "시동."
[Kim Young-hee/Visiting Researcher, North Korea Studies Institute, Dongguk University: "In South Korea, we say '페이지,' but in North Korea, they say '페지.' When referring to operating machines, they often use the term '기동.'"]
They also sent many phishing emails with subjects that would attract people's interest, such as tax refunds or today's fortune, which linked to fake sites asking for IDs and passwords when the 'shortcut' was clicked.
These were cleverly altered forms of major portal site addresses, making them easy to mistake for the real sites.
[Kim Young-woon/Head of Cyber Terror Investigation Division, National Office of Investigation: "(The phishing site) appears to be a normal site at first glance. If you access the phishing page and enter your information, that information is separately stolen."]
The police estimate that the North Korean hacker organization sent 120,000 emails to 17,000 people over two months starting in November last year, stealing personal information from 120 individuals.
This is KBS News, Shin Ji-soo.
-
-
신지수 기자 js@kbs.co.kr
신지수 기자의 기사 모음
-
이 기사가 좋으셨다면
-
좋아요
0
-
응원해요
0
-
후속 원해요
0
오늘의 핫 클릭
실시간 뜨거운 관심을 받고 있는 뉴스
헤드라인
이 기사에 대한 의견을 남겨주세요.