U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

South accuses North Korea for massive data breach affecting 10 million online shoppers

Authorities in South Korea are blaming hackers from North Korea for a massive data breach affecting 10 million Interpark online shoppers. North Korea launched a new cyber attack against the South, according to the Government of Seoul a massive data breach exposed data belonging to an Internet shopping mall. This week, authorities in South Korea accused […]

North Korea Lazarus APT

Authorities in South Korea are blaming hackers from North Korea for a massive data breach affecting 10 million Interpark online shoppers.

North Korea launched a new cyber attack against the South, according to the Government of Seoul a massive data breach exposed data belonging to an Internet shopping mall.

This week, authorities in South Korea accused the North to have compromised the website of the Interpark internet shopping mall exposing personal data of more than 10 million online shoppers.

The South Korea’s National Police Agency published an official statement that accuses the North Korea’s General Bureau of Reconnaissance for the hack.

The IT staff at the Interpark confirmed the incident, it discovered the attack on July 11 when the hackers demanded 3 billion won worth of Bitcoin.

“On July 11, Interpark became aware that some of our users’ information had been stolen by a hacker group through an advanced persistent threat attack, and reported the hack to the police the next day,” said an official statement on the company’s website.”

The authorities believe that the company servers have been breached on May by an “advanced persistent threat attack” and alerted authorities the following day.

“The hackers first gained access to an employee’s computer, and identified email patterns that were familiar to the employee before sending an email that contained the malware [and] opening a back door, which is why the employee was fooled,” a spokesperson told the Korea Herald.

The hacker remained inside the Interpark systems for a long time in order to continuously steal data.

north korea hackers

Why the North Korea?

The South Korean police discovered that the addresses involved in the attack are linked to Pyongyang.

“Following an investigation, the National Police Agency said in a statement Thursday that IP addresses involved in the hack as well as the specific language used by the attackers suggests North Korean spies were responsible.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – North Korea, hacking)