<청와대 행사 사칭에 이어 통일외교안보특별보좌관 문서 위장 악성파일
배후는 모두 북한 연계설 해커조직 '김수키 그룹' 추정>
Malicious File Disguised as Document from Special Advisor on Unification, Foreign Affairs, and Security Following Fake Blue House Event
Suspected Behind All: North Korea-Linked Hacker Group 'Kimsuki Group'
[Asia Economy Reporter Jin-gyu Lee] Three days after Microsoft (MS) ended technical support for Windows 7, no significant confusion has occurred among Windows 7 PC users. However, concerns over cyber threats originating from North Korea are rising, as spear-phishing attacks linked to North Korean hacker groups have been repeatedly detected since the beginning of the new year. The government is also maintaining vigilance against North Korean cyberattacks.
According to the IT industry on the 18th, no particular signs of cyberattacks have been detected since the end of Windows 7 technical support. MS officially ended technical support for Windows 7 after distributing the last security patch at 2 a.m. on the 15th. MS has stated that there will be no further security updates for Windows 7.
Experts point out that if hackers attack Windows 7 PCs without security updates using new programs in the future, these systems could be easily compromised. Although no major issues have arisen yet, there are predictions that once new security vulnerabilities emerge, domestic Windows 7 PCs will become prime targets for hackers worldwide, including those from North Korea.
In this context, cyberattacks by hacker groups presumed to be linked to North Korea are expected to continue this year. In fact, spear-phishing attacks by North Korean-linked hacker groups have been repeatedly detected by domestic security firms since the beginning of the year. Spear-phishing is a method that involves embedding malicious code in emails from trusted accounts to steal information from specific individuals or companies.
Since the new year, spear-phishing attacks disguised as seminar presentation document files by Moon Jung-in, the President’s Special Advisor on Unification, Foreign Affairs, and National Security, have been discovered domestically, stealing information from specific PCs. The hacking group 'Kimsuky Group,' suspected of having ties to North Korea, has been identified as the culprit behind this cyberattack.
In December last year, a malicious file disguised as a Blue House event estimate was confirmed, and cyberattacks masquerading as North Korean defector support organizations were also discovered. All these cyberattacks are believed to have been carried out by hacker groups presumed to be from North Korea. Recently, malicious files impersonating payroll statements, which have been increasing, are also frequently found in cyberattacks attributed to North Korean hackers.
With the end of Windows 7 technical support increasing the security vulnerabilities of domestic Windows 7 PCs, the possibility of cyber threats from hacker groups presumed to be from North Korea has also risen. Accordingly, the government has established an emergency response system to prepare for cyberattacks originating from North Korea. The Ministry of the Interior and Safety and the Ministry of Science and ICT have set up a comprehensive situation room in response to the end of Windows 7 technical support and are cooperating with the National Security Office and the National Intelligence Service to counter North Korean cyber threats.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
