Attempted Attack on Korea Institute of Machinery and Materials Using Stolen Information
As the SK Telecom USIM hacking incident continues to escalate, it has been revealed that certificate files belonging to CJ OliveNetworks, which is responsible for the IT infrastructure development and management of major CJ affiliates, were also leaked due to hacking.
According to industry sources on May 7, a North Korea-originated malicious file disclosed at the end of last month was found to contain a digital signature from CJ OliveNetworks. Digital signatures are used to verify that a program is a legitimate file created by a specific company. Because this malicious file originated from North Korea, suspicions have arisen that CJ OliveNetworks' signature information was stolen by North Korea and is being misused.
After discovering the hacking incident, CJ OliveNetworks reported the breach to the Korea Internet & Security Agency (KISA). The company stated that it immediately revoked the certificate after confirming the breach, and that the certificate is currently invalid.
The North Korean hacking group suspected to be involved in this incident is 'Kimsuky.' The Chinese cybersecurity firm RedDrip Team disclosed the previous day that Kimsuky had attempted to attack the Korea Institute of Machinery and Materials, a national research institute, by exploiting the stolen digital signature information from CJ OliveNetworks. The Korea Institute of Machinery and Materials stated that it has now taken appropriate measures and has requested an explanation from the company regarding the document leak.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
