N.K. hacking group Lazarus infiltrated 61 S. Korean institutions last year: police

Education

Lazarus, a North Korean cybercrime group, hacked hundreds of computers belonging to 61 South Korean institutions last year in an attempt to launch a large-scale cyberattack on the South, police said Tuesday.

Since June last year, 207 computers of those institutions, including eight media firms, have been hacked through a “watering hole” attack that exploited a security software installed on the computers, the National Police Agency (NPA) said.

In preparation for the attacks, Lazarus first hacked the South Korean distributor of the security software that is used in managing the installation of security plug-ins for internet banking and other activities, the NPA said.

Then malicious codes were automatically installed in the computers with the security software when they accessed the website of a specific media outlet, it said.

The NPA said Lazarus had planned to stage a large-scale cyberattack by gaining control of the hacked computers and turning them into “zombie PCs,” but the attempt was detected by South Korean authorities in advance and preempted. No actual damage was inflicted, it added.

Lazarus is a hacking group under the North Korean government’s Reconnaissance General Bureau, which was responsible for the 2014 hacking of Sony Pictures.

Source: Yonhap News Agency