Mehul Reuben Das, Dec 09, 2022 13:52:07 IST
Google’s anti-hacking unit, also known as the Threat Analysis Group, has revealed in a report that North Korean government-funded hackers used the Itaewon Halloween tragedy for numerous malware attacks. The way these hackers went about it was pretty dubious.
The hackers planted malicious code in MS Office documents and disguised them to look like official documents issued by the South Korean government about the Halloween incident.
A massive crowd was struck by disaster in the city of Itaewon on October 29, when thousands of people gathered to celebrate Halloween after missing the celebrations of the festival for almost two years because of the pandemic. Itaewon as a city was known for its nightlife and party culture. The disaster claimed the lives of 158 young people, as per official records.
Google’s Threat Analysis Group said it had traced the activity to a group of North Korean government-backed hackers known as APT37. This particular group has a proven track record of targeting the South Korean population in general, as well as North Korean defectors, policymakers, journalists and human rights activists from across the world who speak against North Korea’s barbaric treatment of its people.
“This incident was widely reported on, and the lure takes advantage of widespread public interest in the accident,” Threat Analysis Group said.
Google said it had reported a related software vulnerability to Microsoft within hours of its discovery on October 31. Microsoft issued a patch to fix the issue on November 8.
North Korean hackers have often been held responsible for a number of major cyberattacks across the world. Many of these cyberattacks have been in the form of attacks on banks, or ransomware attacks which have been aimed at gathering funds for the cash-strapped regime of Kim Jong-un.
As per Threat Analysis Group and blockchain analysis firm Chainalysis, North Korean state-sponsored hackers have stolen digital assets and money worth over $840 million in the first five months of 2022. In 2021, the hackers stole just a little over $400 million.
A panel of experts set up by the United Nations to monitor the enforcement of sanctions on North Korea has often accused Pyongyang of using hacked funds for the development of nuclear weapons and ballistic missiles, which are then used to threaten South Korea and its allies, especially the US.
Last year, the United States Department of Justice charged three computer programmers linked to the North Korean military with extorting or stealing more than $1.3 billion in cash and cryptocurrency through a series of cyberattacks going all the way back to 2014.
North Korea, meanwhile, has always denied the allegations of these attacks and has maintained that these cyberattacks are carried out by the US. North Korea often accuses the US and its allies of spreading false rumours.