5 Zero-Days to Hack North Koreans

An Elite Spy Group Used 5 Zero-Days to Hack North Koreans

North Koreans do not spend most of their lives on the computer. But some of the lucky ones who seem to have gained a fair share of hacking techniques over the past year have had a lot of light that some South Korean researchers are accusing.

On Thursday, online researchers at the Google Shopping Group found a group of anonymous hackers using at least five days' worth of hacking software or hacking software. focusing on the people of the North and the North Koreans. failures in Internet Explorer, Chrome, and Windows related to sports emails containing bad contact or link to malicious sites, and attacks on "holes in the water" offered by the victims of the victims' computers. when they visited several websites that had been infected with malaria. through their investigations.



Google has dropped talk about potential attackers, but Russian spokesman Kaspersky tells WIRED that this is linked to Google's findings with DarkHotel, a group that has been in the public domain. of North Korea, denouncing actions against the South Korean government. ,

"It's amazing. It shows the level of commitment.

Dave Eitel, cross

South Koreans do not view the opposition north as a threat to launch sanctions across the region. But the country's ability to spend five days in a yearly surveillance program is a remarkable level of complexity and resources. "There is often a day off from acting from actor to short-term actor," Google TAG researcher Tony Gidwani wrote on the company's blog. "Most of the goals we saw were North Korea or people working on issues related to North Korea." In a follow-up email, Google explained that some of the missiles originated not only from the North but also from the country, stating that these missiles were not North Korea's most targeted by the North Korean administration.

Within hours of linking Google to non-everyday vulnerabilities and attacks targeting North Korea, Kaspersky was able to plan two vulnerabilities - one on Windows, one from Internet Explorer - and those affiliated with DarkHotel. The security team found out how these bugs were used to install DarkHotel malware on their client computers. (These attacks were about DarkHotel before Microsoft corrected its problems, Kaspersky said, adding that DarkHotel was no longer using the other party's vulnerabilities.) Google said for five days with a hacking group, "they are all. They may be affiliated with DarkHotel," says Kostin Rayu, head of Kaspersky's research and research group.

According to Rayu, DarkHotel has a long history of attacks from North Korea and China with the aim of exploration. "They want to get as much information as texts, emails and other information they can from these topics," he says. Rayu was reluctant to speculate on who would stand behind the group. But there is speculation that DarkHotel is working for the South Korean government and the International Relations Council claiming that the government sponsor DarkHotel is the Republic of Korea.

It is said that DarkHotel's fans were the strongest in 2007, but Kaspersky called the group his name in 2014, when he saw the band at the hotel's Wi-Fi hotel for the attack. for some hotel guests. their debt. According to Rayu, over the past three years, Kaspersky has discovered DarkHotel's use of three non-vacation days in addition to the five currently associated with the affected group to a Google blog post. "They are probably one of the most effective actors in the world when it comes to free delivery," Raju said. "It looks like they're doing it on their own rather than using code from other sources. They talk about their technical skills. These are pretty cool."