
Google’s anti-hacking unit discovered that North Korean hackers used the Itaewon Halloween tragedy for malware attacks

Hackers backed by the North Korean government exploited the Itaewon Halloween tragedy to launch a slew of malware attacks, according to a study by Google’s anti-hacking section, the Threat Analysis Group. The hackers’ methodology seemed suspect.

Hackers working for the North Korean government put malware in Microsoft Office documents made to appear as if they were released by the South Korean government and discussing the Itaewon Halloween disaster. Image source: Creative Commons

Malware was embedded in Microsoft Office files that were made to seem like they had been issued by the South Korean government in response to the Halloween event.

On October 29, thousands of people gathered in the city of Itaewon to celebrate Halloween after nearly two years without the festival’s celebrations due to the outbreak. The city of Itaewon was famous for its lively nightlife and vibrant party scene. According to statistics, 158 young individuals lost their lives in the incident.

The Google Threat Analysis Group said that it has traced the intrusion to the APT37 hacking organisation, which is supported by the North Korean government. This organisation has a history of attacking those who speak out against North Korea’s brutal treatment of its own people, including defectors from the country, officials, journalists, and human rights campaigners from throughout the world.

According to the Threat Analysis Group, “this occurrence was widely reported on, and the lure takes advantage of broad public interest in the disaster.”

Google claimed it informed Microsoft of a similar software flaw within hours of discovering it on October 31. On November 8, Microsoft released a patch to address the problem.

Numerous big cyberattacks throughout the world have been widely attributed to hackers in North Korea. The cash-strapped Kim Jong-un administration has been the target of several cyberattacks, with many taking the form of bank assaults or ransomware operations.

Threat Analysis Group and blockchain analysis firm Chainalysis report that in the first five months of 2022, North Korean state-sponsored hackers stole digital assets and money totaling over $840 million. Some hackers managed to make off with little more than $400 million in 2021.

The United Nations panel of experts tasked with overseeing sanctions against North Korea has repeatedly accused Pyongyang of funnelling stolen money towards the development of nuclear weapons and ballistic missiles that threaten South Korea and its allies, most notably the United States.

Last year, the United States Department of Justice accused three North Korean military-affiliated computer programmers of extorting or stealing over $1.3 billion in cash and bitcoin in a series of cyberattacks beginning in 2014.

North Korea, for its part, has consistently rejected the charges of these attacks, instead blaming the United States for any cyberattacks against its network. North Korea often accuses the United States and its allies of disseminating rumours.