Hackers from North Korea reportedly took advantage of the tragic Halloween crowd crush in South Korea back in October. The hackers allegedly targeted users with malware during that time.
A report by the anti-hacking unit at Google, the Threat Analysis Group, was published Wednesday, detailing how North Korean hackers exploited the tragic Halloween crowd crush in Itaewon. The hackers, backed by the government, planted malicious software in Microsoft Office documents that looked like a South Korean government report on the Halloween crowd crush.
The Threat Analysis Group said it traced the activity to a group of North Korean government-backed hackers known as APT37. The hacker group is long known for targeting South Korean users, North Korean defectors, policymakers, journalists, and human rights activists.
The tragic crowd crush in Itaewon, South Korea, took place on October 29, when thousands of people surged through a narrow alleyway in the district known for its nightlife. 158 people were killed as a result of the surge.
“This incident was widely reported on, and the lure takes advantage of widespread public interest in the accident,” said the Threat Analysis Group in its report.
North Korean hackers have been accused of launching cyberattacks all over the world. Many such cyberattacks aimed to gather funds for Pyongyang under Kim Jong-un’s regime. In the first five months of 2022, North Korean hackers stole $840 million worth of digital assets, up by $400 million from last year, according to an assessment by blockchain analysis firm Chainalysis.
Pyongyang has also faced accusations of using hacked funds to finance its pursuit of developing nuclear weapons and ballistic missiles by the United Nations panel in charge of monitoring the enforcement of sanctions on North Korea.
North Korea has since been under sanctions by the UN, as well as sanctions by the United States, South Korea, and Japan for its record number of missile tests this year. The three allies sanctioned North Korea Thursday last week, with Washington saying North Korea’s ballistic missiles “pose grave risks to the region and the entire world.”
Jon Il-ho, Yu Jin, and Kim Su-gil were the individuals sanctioned by the US Treasury. The three individuals were previously sanctioned by the European Union back in April.