January 19, 2016 11:09
A recent cyber attack on South Korean government agencies has been traced to North Korea as expected.
Police said the IP addresses of the senders of spam e-mails on Jan. 13-14, right after the North's latest nuclear test, were the same as those used in a cyber attack against Korea Hydro & Nuclear Power in 2014.
The e-mails containing malicious code purported to come from Cheong Wa Dae and targeted thousands of government employees here.
Police said the IP addresses have been traced to the northeastern Chinese province of Liaoning that borders North Korea and match those used in the cyber attack against the nuclear agency in 2014.
In 2014, the hackers threatened to paralyze nuclear power plants and leaked some reactor blueprints to the public.
Police said the latest attack was something known as "two-track phishing e-mails" where hackers hide malware in second e-mails that are sent after recipients respond to the uncompromised first e-mails.
- Copyright © Chosunilbo & Chosun.com