North Korea-backed hackers launch cyber attack using computer files

 

by IANS

Seoul, Dec 22 (IANS) A North Korea-linked cyber hacking group appears to have launched a new cyber attack campaign, code-named "Artemis," that embeds malicious code inside computer files, a report showed on Monday.


The Genians Security Center (GSC), a South Korean cybersecurity institute, said in a report that it had detected the operation, which is believed to have been carried out by APT37, a Pyongyang-backed cyber hacking group, Yonhap news agency reports.


According to the report, the threat actors embedded malicious object linking and embedding (OLE) code inside Hangul Word Processor (HWP) documents. The attack chain is triggered when a user allows the document's content to open and clicks a hyperlink in the file.


HWP is a document file format widely used as a standard in South Korea.


The findings follow an October report by 38 North, a U.S.-based website monitoring North Korea, which said North Korean cyber operators have repeatedly exploited the HWP format to infiltrate government, military and key industrial networks in South Korea.


"This attack demonstrates APT37's ongoing pattern of highly developed reconnaissance and infiltration activities," the GSC report said. "It also indicates that the group continues to refine its capabilities by leveraging advanced technical methods."


In November, a North Korea-linked hacking group launched a new form of cyberattack that remotely controls Android smartphones and personal computers (PCs) to delete key data, including photos, documents and contact information.


The group, believed to be affiliated with Pyongyang-sponsored groups Kimsuky or APT37, infiltrated victims' smartphones and PCs through malware distributed via KakaoTalk and stole account information for Google and major domestic IT services, according to the report by the Genians Security Center (GSC), a South Korean cybersecurity institute.


They remotely reset the smartphones after using Google's location-based tracking system to confirm the victims were outside their homes or offices.


The remote reset halted normal device operation, blocking notification and message alerts from messenger apps and effectively cutting off the account owner's awareness channel, thereby delaying detection and response, the report explained.


Through this process, key data stored on the infected devices, including photos, documents and contacts, were completely deleted.
