http://news.techworld.com/security/3468265/north-korea-prime-suspect-after-crude-trojan-aimed-at-south-korean-think-tanks/
By John E Dunn
Techworld
11 September 2013
Kaspersky Lab has uncovered what looks like a surprisingly clunking
attempt by North Korean hackers to steal data from think-tanks in hated
neighbour South Korea using a poorly-concealed Trojan.
The Russian firm’s analysis makes clear that attribution for ‘Kimsuky’
can’t be planted on the door of North Korea with absolute certainty but
it’s hard to see why anyone else would be so interested in its target
list.
These include among 11 South Korean organisations, the Sejong Institute,
the Korea Institute For Defense Analyses (KIDA), the Ministry of
Unification Government department, and Hyundai Merchant Marine, all
attacked most likely using some form of spear phishing.
The malware first turns off the Windows firewall and the Windows service
that alerts users to this event and, if it is present, tries to disable
firewall software from South Korean firm AhnLab, an antivirus client
extremely popular with businesses in the country.
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
