![]() |
"Kimsuky," a North Korean cyber espionage group, has led a string of operations to hack into international organizations including pharmaceutical companies developing COVID-19 vaccines and treatments, according to a U.S. cyber security company, Monday. / gettyimagebanks |
By Park Han-sol
A North Korean cyber espionage group has attempted to hack into multiple international organizations including companies working on COVID-19 vaccines with a new form of malware, according to a U.S. cyber security firm.
In a threat alert published Monday, Boston-based Cybereason identified previously undiscovered spyware used by "Kimsuky," a presumably state-operated hacking group in North Korea since 2012, to carry out global intelligence gathering operations. Spyware refers to malicious software that can be used to track and steal information about and from internet users.
Cybereason explained the newly found malware and infrastructure shared similar features and had been linked to the same IP address as another piece of malware employed by Kimsuky in the past called BabyShark that targeted U.S. think tanks.
The regime's espionage group was seen targeting a range of government entities and private sector companies in not only South Korea but also the U.S., Europe, Russia and Japan. Notably, these included pharmaceutical companies working on the research and development of COVID-19 vaccines, according to Cybereason.
The group's other targets included the Ministry of Unification, the United Nations Security Council and even journalists covering inter-Korean relations, the report said.
Considering that North Korea's cyberattacks aim at not only gathering classfied military information but also generating financial profits, trade suspensions due to COVID-19 as well as economic sanctions may lead to an increase in the regime's cyber operations, research analyst Mathew Ha of the Foundation for Defense of Democracies said in an interview with Radio Free Asia.