August 6, 2024 By Pierluigi Paganini
South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware.
South Korea’s national security and intelligence agencies, including the National Intelligence Service, the Prosecutor’s Office, the Police Agency, the Military Intelligence Command, and the Cyber Operations Command, have issued a joint cybersecurity advisory to warn that North Korea-linked hackers exploited VPN software update to install malware on target networks.
According to the South Korean authorities, the government of Pyongyang’s goal is to steal intellectual property and trade secrets from the South.
North Korea-linked actors hacking groups are targeting South Korea’s construction and machinery industries. The advisory provides details on the tactics, techniques, and procedures (TTPs) employed by the attackers, as well as indicators of compromise (IoCs) for these attacks.