North Korean hackers target S. Korean UpBit exchange users in phishing attack

posted 4 months ago
North Korean hackers have allegedly attacked users of South Korean exchange UpBit with a phishing exploit. According to East Security company, the hacker attempted a cyberattack by sending a phishing e-mail on May 28th. The subject of the mail suggested that UpBit needed more information for a customer’s fictional sweepstakes payout.

The email contained a file claiming to contain documentation for the payout. According to East Security, running this file displayed what looked like a normal document but then would run malicious code. It then sent data about the user’s machine as well as private keys and logins. East Security believes that this cyber attack came from a North Korean hacking group Kim Soo-ki. In a clever move the hackers password-protected the malicious file with the word “UPBIT.” This means that traditional anti-virus tools would not be able to detect the malicious code. No losses have been reported.
Tags: bitcoin, news