Latest South Korea news

North Korea hacks two South Korean chip firms to steal engineering data

The National Intelligence Service (NIS) in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks.
- Bill Toulas
- March 04, 2024
- 09:46 AM
- 0
Free Rhysida ransomware decryptor for Windows exploits RNG flaw

South Korean researchers have publicly disclosed an encryption flaw in the Rhysida ransomware encryptor, allowing the creation of a Windows decryptor to recover files for free.
- Bill Toulas
- February 12, 2024
- 10:44 AM
- 0
Lazarus hackers hijack Microsoft IIS servers to spread malware

The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution.
- Bill Toulas
- July 24, 2023
- 04:34 PM
- 0
North Korean hackers breached major hospital in Seoul to steal data

The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country's largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details.
- Bill Toulas
- May 10, 2023
- 05:16 PM
- 0
How 'Kimsuky' hackers ensure their malware only reach valid targets

The North Korean 'Kimsuky' threat actors are going to great lengths to ensure that their malicious payloads are only downloaded by valid targets and not on the systems of security researchers.
- Bill Toulas
- August 25, 2022
- 06:33 PM
- 1
New GwisinLocker ransomware encrypts Windows and Linux ESXi servers

A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines.
- Bill Toulas
- August 06, 2022
- 10:05 AM
- 0
BitRAT malware now spreading as a Windows 10 license activator

A new BitRAT malware distribution campaign is underway, exploiting users looking to activate pirated Windows OS versions for free using unofficial Microsoft license activators.
- Bill Toulas
- March 21, 2022
- 05:18 PM
- 0
DarkHotel hacking campaign targets luxury Macao resorts

The South Korean DarkHotel hacking group has been spotted in a new campaign spanning December 2021 through January 2022, targeting luxury hotels in Macao, China.
- Bill Toulas
- March 18, 2022
- 10:51 AM
- 0
South Korean telco KT suffers nationwide outage after routing error

The second-largest telecommunications provider in South Korea, KT Corporation, has suffered a nationwide outage today, leaving all its 16.5 million customers without internet connectivity and telephony services for about 40 minutes.
- Bill Toulas
- October 25, 2021
- 12:20 PM
- 0
RAT malware spreading in Korea through webhards and torrents

An ongoing malware distribution campaign targeting South Korea is disguising RATs (remote access trojans) as an adult game shared via webhards and torrents.
- Bill Toulas
- October 21, 2021
- 10:22 AM
- 2
TrickBot gang developer arrested when trying to leave Korea

An alleged Russian developer for the notorious TrickBot malware gang was arrested in South Korea after attempting to leave the country.
- Lawrence Abrams
- September 06, 2021
- 11:24 AM
- 0
Ransomware gang uses PrintNightmare to breach Windows servers

Ransomware operators have added PrintNightmare exploits to their arsenal and are targeting Windows servers to deploy Magniber ransomware payloads.
- Sergiu Gatlan
- August 12, 2021
- 05:03 AM
- 0
South Korea's Nuclear Research agency hacked using VPN flaw

South Korea's 'Korea Atomic Energy Research Institute' disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability.
- Lawrence Abrams
- June 19, 2021
- 01:59 PM
- 0
GandCrab ransomware affiliate arrested for phishing attacks

A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
- Lawrence Abrams
- March 09, 2021
- 10:07 AM
- 0
Ransomware forces E-Land South Korean retail giant to close stores

South Korean conglomerate and retail giant E-Land has suffered a ransomware attack causing 23 of its retail stores to suspend operations while they deal with the attack.
- Lawrence Abrams
- November 23, 2020
- 01:37 PM
- 0
400.000 US, South Korean card records put up for sale online

Details on roughly 400,000 payment cards related to US and South Korean financial organizations and banks are currently up for sale on Joker's Stash, the largest carding shop on the Internet.
- Sergiu Gatlan
- April 24, 2020
- 10:48 AM
- 0
Backdoored Torrents Infect Movie, TV Fans with GoBot2 Malware

TV show and movie fans are being targeted by a malicious campaign that distributes a GoBot2 backdoor variant via files downloaded from several South Korean and Chinese torrent sites.
- Sergiu Gatlan
- July 08, 2019
- 10:51 AM
- 0
1,600 Hotel Guests Secretly Live Streamed to 4,000+ Subscribers

Four individuals from South Korea were detained for secretly recording, live streaming, and selling spycam videos of 1600 motel guests between November 24 and March 2, with two of them being arrested and facing a maximum of five years in jail.
- Sergiu Gatlan
- March 20, 2019
- 01:58 PM
- 0
South Korea is Censoring the Internet by Snooping on SNI Traffic

South Korea has been blocking HTTP websites that are on their censor list for a while now and they have recently started using SNI filtering to block their counterparts served over HTTPS.
- Sergiu Gatlan
- February 13, 2019
- 06:19 PM
- 1
Bithumb Hacked Second Time in a Year. Hackers Steal $31 Million

For the second time in a year, South Korean cryptocurrency exchange Bithumb has been hacked, and this time around, hackers stole the equivalent of 35 billion won ($31.6 million) worth of cryptocurrency.
- Catalin Cimpanu
- June 20, 2018
- 04:00 AM
- 0