[Courtesy of ESTsecurity]
SEOUL -- South Korean security experts accused Lazarus, a hacking group suspected of being tied to North Korean hackers, of staging a fresh cyber attack this week with malicious files disguised as government documents which run on Hangeul, a Korean-language word processing program.
ESTsecurity, a Seoul-based security company, said Thursday in a message posted on its website that it detected malicious files created Sunday for an advanced persistent threat (APT) attack. "Malicious files contain the same metadata and functions as used in a series of attacks on Sony Pictures," it said, urging Hangeul users to carry out security updates.
"It is probably aimed at preparing for a new infiltration or concentrating on the development of new attack technologies," the security company said. "The group known to be behind this cyber threat is widely known as Lazarus, and similar attacks have already been reported."
In July, ESTsecurity experts accused a hacking group known as "Geumseong121" of launching an APT attack with malicious emails disguised as a South Korean government document, targeting North Korea-related organizations in Seoul.
Intelligence officials in Seoul have said that North Korean hackers were believed to have launched cyber attacks on South Korean virtual money exchanges. Cyber experts at home and abroad insist the impoverished North has been desperate to secure foreign currencies due to tight international sanctions.
Symantec, a US-based anti-virus firm, said earlier that Lazarus was suspected of staging
WannaCry ransomware attacks that infected hundreds of thousands of computers across the world in 2017. The ransomware intrudes computers in a form of a worm virus and encrypts all files, leaving users inaccessible to them. Users must pay the hackers in Bitcoins, a digital payment system, to regain control of their computers.
reporter
Lim Chang-won
cwlim34@ajunews.com
![[영문] A Winter Wedding Extravaganza: Two Major Industry Players Say, “I Do”](https://image.ajunews.com/images/site/img/ajunews/list_noimg.jpg)