Oct. 19 (UPI) — North Korean hackers who have attacked South Korean nuclear power operators could be going after Russia’s defense industry, according to a Russian press report.
Russian newspaper Kommersant reported Monday the North Korean group known as “Kimsuky,” a threat group that first made headlines in 2013, could be breaching Russian defense firms. The phishing attacks are launched via fraudulent emails and began to appear in early 2020, the report says.
The target of the attack includes Russia’s state-owned Rostec, also known as the State Corporation for Assistance to Development. Rostec specializes in consolidating tech and defense companies. The entity also supports Russia’s weapons exports, according to South Korean news agency Yonhap.
The hackers reportedly took advantage of the COVID-19 pandemic to launch phishing scams. Fraudulent emails focused on the disease as a topic. Other bogus emails were made to look like job advertisements. The emails were sent to users working at Russian aerospace and aviation companies in the spring, according to Kommersant.
A Rostec-affiliated cybersecurity firm told the Russian newspaper the number of cyberattacks of possible North Korean origin spiked between April and September. The firm said the breaches did not cause serious damage because they were not sophisticated attacks. The hackers may have been testing the waters, the firm said.
Hackers with Kimsuky have previously targeted South Korean entities, including Seoul’s unification ministry, nuclear operators and think tanks. Analysts say the group has expanded its activities to include defense companies that manufacture armored vehicles in Russia, the Ukraine, Slovakia and Turkey, according to reports.
As the coronavirus pandemic subsides in China, evidence is emerging North Korea’s biggest trading partner is importing North Korean textiles in possible violation of sanctions.
South Korean lawmaker Ku Ja-keun said Monday semi-finished clothing that South Korea’s CJ Home Shopping imported from China was of North Korean origin. South Korean firms involved in the trade said the original equipment manufacturer could not be identified because of the “Made in China” labels, Newsis reported.