SEOUL, Sept. 12 (Yonhap) -- A hacker group believed to be linked to North Korea has attempted to steal data from South Korean experts working as members of an advisory panel for the defense ministry, a cybersecurity firm said Sunday.
Emails were sent to some members of the advisory panel earlier this month from hackers who disguised themselves as a North Korea-related department of the defense ministry, notifying them of an upcoming seminar on the occasion of the anniversary of a 2018 inter-Korean military agreement, according to ESTsecurity.
A few days later, another email was sent, asking the panel members to open attached papers written for the event. It had some disguised images on the attachments that appeared to be official government documents, according to ESTsecurity.
ESTsecurity said it suspects North Korea-linked hacking organization Thallium to be behind the attempted attacks.
The hackers attached malicious files disguised as government documents to emails that can install malware on users' computers, allowing them to steal information.
But no visible damage from the scam has been reported yet, according to the company.
It said the cyberattack is the latest in a series of recent hacking incidents suspected of being carried out by North Korean groups. Thallium has usually targeted officials and journalists in the foreign relations and security sectors in the South.
In June, the North Korean hackers allegedly engaged in attacks using manipulated email addresses from the South Korean government ministries to steal user information.
ESTsecurity said hacking incidents suspected of being carried out by North Korean groups have been increasing recently and asked the government and private sector to keep their guard up against such attacks.
South Korea's spy agency tightened an advisory on the cyber threat posed by North Korea last month.
Source: https://en.yna.co.kr/view/AEN20210912001000315