North Korea-backed hackers launch cyber attack using computer files

 

by IANS

Seoul, Dec 22 (IANS) A North Korea-linked cyber hacking group appears to have launched a new cyber attack campaign, code-named "Artemis," that embeds malicious code inside computer files, a report showed on Monday.


The Genians Security Center (GSC), a South Korean cybersecurity institute, said in a report that it detected the operation believed to have been carried out by APT37, a Pyongyang-backed cyber hacking group, reports Yonhap news agency.


According to the report, the threat actors embedded malicious object linking and embedding (OLE) code inside Hangul Word Processor (HWP) documents. The attack chain is triggered when a user allows the document's content to open and clicks a hyperlink in the file.


HWP is a document file format widely used as a standard in South Korea.


The findings follow an October report by 38 North, a U.S.-based website monitoring North Korea, which said North Korean cyber operators have repeatedly exploited the HWP format to infiltrate government, military and key industrial networks in South Korea.


"This attack demonstrates APT37's ongoing pattern of highly developed reconnaissance and infiltration activities," the GSC report said. "It also indicates that the group continues to refine its capabilities by leveraging advanced technical methods."


In November, a North Korea-linked hacking group launched a new form of cyberattack that remotely controls Android smartphones and personal computers (PCs) to delete key data, including photos, documents and contact information.


The group, believed to be affiliated with Pyongyang-sponsored groups Kimsuky or APT37, infiltrated victims' smartphones and PCs through malware distributed via KakaoTalk and stole account information for Google and major domestic IT services, according to the report by the Genians Security Center (GSC), a South Korean cybersecurity institute.


They remotely reset the smartphones after using Google's location-based tracking system to confirm the victims were outside their homes or offices.


The remote reset halted normal device operation, blocking notification and message alerts from messenger apps and effectively cutting off the account owner's awareness channel, thereby delaying detection and response, the report explained.


Through this process, key data stored on the infected devices, including photos, documents and contacts, were completely deleted.


—IANS
