North Korean Hacker Group Kimsuki Distributes Phishing Emails
Password Change Prompt...Clicking Leads to Attacker's Server
The North Korean hacker group 'Kimsuky' attempted to steal users' passwords through phishing emails disguised as the portal site 'Daum' operated by Kakao.
The cybersecurity company East Security recently posted this information in its blog under the 'Malware Analysis Report'.
The phishing email discovered this time was distributed with the subject '[Urgent] Please change your password immediately.' The attacker used the sender domain 'daurn.net' to make it appear as if it were the Daum domain.
The email body contains the phrase "Your password and personal information may have been stolen by others" written in red, and clicking the activated 'Go change your password now' hyperlink in the middle of the email leads to a phishing site made to look like the Kakao login page. Then, under the pretext of 'password verification and change,' users are prompted to enter their password, and if they do, the information is sent directly to the attacker's server.
After analyzing various indicators, East Security concluded that the North Korean reconnaissance general bureau-affiliated hacking group Kimsuky is behind this attack. Kimsuky is a North Korean hacking group that has hacked government ministries such as the Ministry of National Defense and the Ministry of Unification since around 2010, stealing data related to social infrastructure and defectors. Recently, it has expanded its attack range to countries in the Asia-Pacific region as well as South Korea.
Last year, Kimsuky sent phishing emails at least three times to 892 experts in diplomacy, security, unification, and defense, and in October of last year, it attempted to steal IDs and passwords of defectors by disguising as Kakao account management services.
East Security urged, "As North Korea's cyberattacks continue targeting not only institutions and companies but also private experts and organizations in related fields, special caution is required from those involved."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
