The latest press release from EST Security confirms the use of social media in cyber-attacks from the North Korean hacking group Kumsong 121. With an increasing number of cyber-attacks originating from North Korea, mobile phone and computer users need to remain vigilant, security experts warn.
The latest attack from Kumsong 121 employed an elaborative method, according to EST Security: the attackers first befriended the victim through social networks and then sent an infected file.
When hackers got into a person’s social media account, their next targets were the social media friends of the victim. After earning their friendship through friendly chatting, they emailed an infected document file to the target, asking for feedback on a North Korean-related column they claim to have recently published.
If the email receiver approves the macro present in the file, it will compromise the recipient’s computer.
Recently, a team of hackers from North Korea tried to spread an infected file by secretly getting into a North Korean defector’s social media account and attempting to chat with his contacts.
The next best targets of Kumsong 121 are Android smartphone users, targeted through “smishing” attacks. The ESTsecurity Security Response Center chief, Mun Chong Hyun (ESRC), reveals that Kumsong 121 has gotten into the phones of many famous persons.
Hackers target persons working in the North Korean industry by either attacking websites of organizations active in the North Korean region or by creating their fake Facebook profiles.
They frequently approach via mobile phones or email and pose as an acquaintance or industry expert.