North Korean hacking group Lazarus behind cyber attack last year: Police

North Korea

Published: 18 Apr. 2023, 16:57

North Korean hacking group Lazarus behind cyber attack last year: Police

A member of the National Police Agency announces its recent findings on a cyberattack by North Korea that targeted as many as 10 million users last year, at the police precinct in Seodaemun District, western Seoul, on Tuesday. [YONHAP]

Major North Korean hacking group Lazarus was behind a cyberattack last year that targeted as many as 10 million users of a banking security app, the police announced Tuesday.

The National Police Agency confirmed that the Lazarus Group, a North Korean state-sponsored hacking organization, was behind the cyberattacks on the computers used by 61 organizations in Korea including public institutions and defense industry organizations last November.

They launched what experts call a watering hole attack, which targets a specific group of users by infecting websites that they are likely to visit.

The group was found to have hacked into Initec, a major local financial security provider, in April 2021 and tampered with one of its software products.

If a user who downloaded this banking security application onto their computer visited infected websites, which included those of some media companies, their computers would immediately be implanted with a malware, according to the police.

As many as 10 million computers across 61 organizations were estimated to have downloaded the financial security software.

Authorities said that the group, after infecting computers and seizing control over them, would have tried to expand the cyberattack using the computers’ networks.

Damage was minimal. however, because the attack was detected in its early stages, said police. The group was able to infect 207 computers.

The U.S. Treasury Department suspects the Lazarus Group has stolen at least $455 million last year through cyber attacks.

BY ESTHER CHUNG [chung.juhee@joongang.co.kr]