Mass Distribution of Malware and Intense North Korean Spear Phishing Attacks Since Early Year
[Asia Economy Reporter Jin-gyu Lee] It has been ten days since Microsoft (MS) ended technical support for Windows 7, but no signs of cyberattacks targeting Windows 7 PCs have been detected yet. However, experts advise that vigilance is necessary as the possibility of cyberattacks on Windows 7 PCs remains high, with recent discoveries of malware distribution and spear-phishing attacks.
According to the Korea Internet & Security Agency (KISA) on the 24th, as of the afternoon of the 23rd, no cyber threat signs targeting Windows 7 PCs have been detected at the 'Windows 7 End of Support Comprehensive Situation Room' established by KISA after the end of Windows 7 technical support. A KISA official stated, "We plan to monitor cyber threats to domestic Windows 7 PCs until the domestic Windows 7 usage rate reaches 0%. So far, no signs of cyber threats targeting Windows 7 have been found."
MS ended technical support for Windows 7 after distributing the last security patch in the early hours of the 15th. The validity period of this security patch is about one month, and from next month, security updates will no longer be provided for Windows 7 PCs.
Experts point out that once the validity period of the last security patch expires, hackers could easily breach Windows 7 PCs without security updates through new programs. If new security vulnerabilities emerge, domestic Windows 7 PCs are likely to become prime targets for hackers worldwide. A security industry official warned, "Even with thorough antivirus updates, Windows 7 PCs that have ended technical support are defenseless against cyberattacks that target the Windows 7 operating system (OS) itself."
The industry is concerned about a recurrence of the 'WannaCry' ransomware incident. During the WannaCry ransomware outbreak in May 2017, PCs using 'Windows XP' suffered relatively large damage. When infected with this ransomware, computer files were encrypted, and a message window demanding approximately $300 worth of Bitcoin as ransom appeared on the screen. Within 15 days of the cyberattack, about 300,000 Windows PCs in 150 countries worldwide were affected.
In the situation where Windows 7 technical support has ended, malware distribution and spear-phishing attacks have been continuously detected by domestic security companies since the beginning of the year. Recently, the Emotet malware, impersonating government agencies or domestic companies, has been widely distributed via email. East Security explained, "The Emotet malware, which had been quiet for a while, has been actively spreading again since the 14th." This malware is mainly distributed through emails. It invades user PCs to perform ▲PC information theft ▲additional malware downloads ▲backdoor functions.
Spear-phishing attacks by hacker groups presumed to be from North Korea have also been continuously detected. Their spear-phishing attacks are carried out by embedding malware in emails and other means. Earlier this month, a spear-phishing attack disguised as a seminar presentation document file by Moon Jung-in, the President's Special Advisor on Unification, Diplomacy, and Security, was discovered in South Korea, stealing information from specific PCs. The hacking group 'Kimsuky Group,' suspected of connections with North Korea, was identified as the culprit. In December last year, a malicious file disguised as a Blue House event estimate was confirmed, and cyberattacks disguised as North Korean defector support organizations were also discovered. All these attacks were attributed to hacker groups presumed to be from North Korea.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
