서버 점검 안내

dsclub은 서비스의 안정성과 성능 향상을 위해
매일 04시 30분에 정기 점검이 진행됩니다.

점검 시간: 오전 4시 30분 ~ 4시 35분

해당 시간 동안 일시적으로 서비스에 접속이 불가능하오니, 양해 부탁드립니다.

N Korea ‘attempts’ to hack Russian foreign ministry: report > English News -DSc

N Korea ‘attempts’ to hack Russian foreign ministry: report

페이지 정보

작성자 기자 민식이 (40.♡.167.55) 작성일 24-02-22 17:45 조회 25 댓글 0

본문

Thu, 22 Feb 2024 00:38:22 -0500
social_media



North Korea’s cyber-espionage efforts have been directed at infiltrating the Russian Ministry of Foreign Affairs, according to a German cybersecurity firm, which has discovered a malware sample concealed within a backdoored software installer for Moscow. 

This malware, identified as KONNI, which has been a part of Pyongyang’s cyber arsenal since at least 2014, was embedded within an installer for “Statistika KZU,” software purportedly designed for the Russian Ministry of Foreign Affairs’ internal use in securely transmitting documents, said Deutsche Cyber-Sicherheitsorganisation, or DCSO, on Thursday. 

A “backdoored software” allows access to a system without normal authentication procedures, which means that hackers can gain unauthorized access without operator approval to view, alter or delete internal material.

This tactic of disguising malware within legitimate software installers mirrors a previous instance in 2023, where a similar method was employed with a compromised installer for “Spravki BK,” a tax filing software mandated by the Russian state, DCSO added. 

“In spite of this evolving strategic relationship, however, DPRK nexus cyberespionage efforts against Russian targets of interest in sensitive sectors such as government or defense appear to be ongoing,” said the German firm. DPRK, or the Democratic People’s Republic of Korea, is North Korea’s official name. 

DCSO’s discovery comes amid increasing geopolitical proximity between Moscow and Pyongyang. The two countries held a high-profile summit in September 2023, with media reports suggesting that large-scale transfers of artillery ammunition from the North to Russia had taken place in order to support Moscow’s ongoing invasion effort in Ukraine, likely in exchange for technical support in areas of key interest to Pyongyang. 

Most recently, Russian President Vladimir Putin presented North Korean leader Kim Jong Un with a Russian-made passenger car, as reported by the North Korean media on Tuesday. Later it was confirmed that the car presented to Kim was an Aurus Senat, the “Russian equivalent of Rolls-Royce.” 

Cyberespionage by Pyongyang targeting critical Russian sectors has not  been unheard of. 

In 2019, the U.S.-based Check Point Research highlighted a “coordinated North Korean attack against Russian entities utilizing familiar North Korea cyber tools. Separately, in 2020, Russian media reported activities of the Kimsuky cluster, allegedly affecting entities like the Russian defense giant Rostec.

Edited by Elaine Chan and Mike Firn.




North Korea’s cyber-espionage efforts have been directed at infiltrating the Russian Ministry of Foreign Affairs, according to a German cybersecurity firm, which has discovered a malware sample concealed within a backdoored software installer for Moscow. 

This malware, identified as KONNI, which has been a part of Pyongyang’s cyber arsenal since at least 2014, was embedded within an installer for “Statistika KZU,” software purportedly designed for the Russian Ministry of Foreign Affairs’ internal use in securely transmitting documents, said Deutsche Cyber-Sicherheitsorganisation, or DCSO, on Thursday. 

A “backdoored software” allows access to a system without normal authentication procedures, which means that hackers can gain unauthorized access without operator approval to view, alter or delete internal material.

This tactic of disguising malware within legitimate software installers mirrors a previous instance in 2023, where a similar method was employed with a compromised installer for “Spravki BK,” a tax filing software mandated by the Russian state, DCSO added. 

“In spite of this evolving strategic relationship, however, DPRK nexus cyberespionage efforts against Russian targets of interest in sensitive sectors such as government or defense appear to be ongoing,” said the German firm. DPRK, or the Democratic People’s Republic of Korea, is North Korea’s official name. 

DCSO’s discovery comes amid increasing geopolitical proximity between Moscow and Pyongyang. The two countries held a high-profile summit in September 2023, with media reports suggesting that large-scale transfers of artillery ammunition from the North to Russia had taken place in order to support Moscow’s ongoing invasion effort in Ukraine, likely in exchange for technical support in areas of key interest to Pyongyang. 

Most recently, Russian President Vladimir Putin presented North Korean leader Kim Jong Un with a Russian-made passenger car, as reported by the North Korean media on Tuesday. Later it was confirmed that the car presented to Kim was an Aurus Senat, the “Russian equivalent of Rolls-Royce.” 

Cyberespionage by Pyongyang targeting critical Russian sectors has not  been unheard of. 

In 2019, the U.S.-based Check Point Research highlighted a “coordinated North Korean attack against Russian entities utilizing familiar North Korea cyber tools. Separately, in 2020, Russian media reported activities of the Kimsuky cluster, allegedly affecting entities like the Russian defense giant Rostec.

Edited by Elaine Chan and Mike Firn.


자유아시아방송 제공 및 저작권 소유 | RFA provided and copyrighted -www.rfa.org
좋아요1 이 글을 좋아요하셨습니다

등록된 댓글이 없습니다.

접속자집계

오늘
105
어제
1,285
최대
4,271
전체
300,844