North Korean hackers disguise as US reporters to gather information on Japan's security policies: Korean coverage

On March 28th (local time), Bloomberg News of the United States quoted a report by Mandiant, a cybersecurity company affiliated with the major IT giant Google, saying that a North Korean cyber espionage group has been operating between the United States and South Korea in recent months. In order to collect information from government agencies, academic societies, think tanks, etc.

According to the report, a hacker belonging to "APT43" who is suspected of being related to the North Korean government recently impersonated a reporter for the US government-affiliated media "Voice of America (VOA)" and was involved in nuclear-related policies and weapons proliferation. We collected information about the hacker who sent a message to an expert asking, "Do you think Japan will increase its defence budget after North Korea's nuclear test?"

Mandiant said North Korean hackers once acted like New York Times recruiters and sent fake emails.

According to Mandiant, APT43 has used malware to generate cryptocurrencies, steal usernames and passwords, and conduct espionage focused on international negotiations on nuclear-related policies.

Blockchain analysis firm Chainalysis estimates that a North Korean hacker group stole a total of $1.7 billion of cryptocurrencies last year.