Creators of WannaCry virus suspected of attacking South Korean cryptoinvestors

Hackers from the Lazarus Group, linked to the DPRK's government, are behind the attacks on investors of the cryptic foreign exchange exchanges in South Korea that took place in late 2017.

This conclusion was reached by the international company Recorded Future, working in the field of cybersecurity. The report is available on the company's website.

"The agents of the North Korean government, especially the Lazarus group, attacked the South Korean crypto exchange exchanges and their participants at the end of 2017," the document said.

The malicious program, which worked at the end of 2017, was targeted specifically at users of the Korean text editor Hancom's Hangul Word Processor.

The objectives of the hackers were also members of the South Korean Student Association "Friends of the Ministry of Foreign Affairs" - students interested in the work of the Foreign Ministry of South Korea.

Experts have decided that Destover's malicious software was used in all cases - it was this virus that was used during hacking attacks against Sony Pictures Entertainment in 2014, Polish banks in January 2017, and the first victim of the WannaCry virus in February 2017.

Recorded Future experts believe that the Lazarus Group (also known as HIDDEN COBRA), a group of North Korean hackers funded by Pyongyang.

hromadske.ua  In Ukrainian/український