SEOUL, May 31 (Korea Bizwire) – A North Korean hacking group is suspected of launching cyberattacks against a South Korean cybersecurity service firm amid heightened tensions on the Korean Peninsula, state prosecutors said Tuesday.
The Seoul Central District Prosecutors’ Office said the group allegedly first hacked into the company, whose identity was withheld, in November and acquired its authentication certificate in the following months.
The hacking group then infected a local academic institute website with programs carrying malicious code disguised as normal ones with a fake authentication certificate.
Prosecutors said a total of 19 computer servers of 10 organizations who accessed the website were eventually infected by malicious code which could lead to the leakage of documents or implementation of additional viruses. No actual damage has been reported yet.
An Internet Protocol address — the online equivalent of a street address or phone number — which accessed the security firm’s server on 26 occasions, was traced to North Korea, prosecutors said, wrapping up their three-month long investigation.
North Korea has a track record of waging cyberattacks on South Korea and the United States in recent years, though it has flatly denied any involvement.