Follow us

Follow us

Our Services
Looking for overseas warehouse
Find Warehouse
High-quality services
Europe
France
North America
USA
South America
Africa
Oceania
Looking for logistics
Find Logistics
One-stop service
South America
North America
American special line
Africa
Europe
Oceania

North Korean hackers mimic e-commerce app to steal South Koreans' data NIS

North Korean hackers mimic e-commerce app to steal South Koreans data NIS(图1)

North Korean cybercriminals are attempting to steal South Koreans’ personal information by spoofing a widely used e-commerce app, Seoul’s intelligence agency announced Thursday.

The National Intelligence Service (NIS) said in a press release that it recently uncovered “circumstantial evidence” that an unnamed North Korean cybercrime organization tried to “manipulate and distribute” an e-commerce app used by more than 20 million South Koreans.

The NIS did not name the original app or mention how many people have unwittingly downloaded the fake version, but warned that the copycat app is hard to identify as it appears to have the same icons and functions and has almost the same file size.

North Korean cybercriminals have previously mimicked South Korean websites and deployed fake apps to infiltrate targets’ personal devices and steal sensitive data, and the latest campaign highlights the sophistication of their imitation tactics.

Warning that the criminals could use the counterfeit app to steal all personal information stored on victims’ devices, the agency urged potential targets to exercise caution when installing apps through links in emails or text messages from unknown sources.

The press release added that the NIS immediately shared information about the campaign with domestic and foreign security companies.

“As North Korea’s hacking methods targeting our citizens are becoming more sophisticated and diverse, we ask you to pay more attention to smartphone security, such as using the official app store and regularly updating antivirus apps,” an NIS official said, according to the press release.

The agency did not provide any technical details of the campaign, including the manner in which the fake app steals information and potentially transfers it to the attackers.

Daniel Pinkston, a Seoul-based lecturer in international relations at Troy University, suggested the press release’s lack of specifics could be due to considerations about “reputational damage” and legal or financial repercussions for the company that developed the original app.

“Just to get the warning out or raise public awareness about this problem, they feel that some statement has to be made, but it sounds like a case of general cybersecurity hygiene,” he told NK News.

The NIS issued a similar advisory in March, warning that North Korean cybercriminals were exploiting a vulnerability in a popular financial security certificate software commonly used for online banking. But it did not reveal details about the compromised software or the perpetrators until almost a month later.

On that occasion, the NIS ultimately revealed that North Korea’s Lazarus Group may have begun the campaign as early as April 2021, raising questions about law enforcement authorities’ delay in investigating and announcing their findings.


Reference : https://www.nknews.org/2023/10/north-korean-hackers-mimic-e-commerce-app-to-steal-south-koreans-data-nis/