A North Korean cyberespionage group previously known only for targeting South Korea’s government and private sector deepened its sophistication and hit fur
FRANKFURT, GERMANY – A North Korean cyberespionage group previously known only for targeting South Korea’s government and private sector deepened its sophistication and hit further afield, including in Japan and the Middle East, in 2017, security researchers said on Tuesday.
Cyberattacks linked by experts to North Korea have targeted aerospace, telecommunications and financial companies in recent years, disrupting networks and businesses around the world. North Korea rejects accusations it has been involved in hacking.
U. S. cybersecurity firm FireEye said the state-connected Reaper hacking organization, which it dubbed APT37, had previously operated in the shadows of Lazarus Group, a better-known North Korean spying and cybercrime group widely blamed for the 2014 Sony Pictures and 2017 global WannaCry attacks.
APT37 had spied on South Korean targets since at least 2012 but has been observed to have expanded its scope and sophistication to hit targets in Japan, Vietnam and the Middle East only in the last year, FireEye said in a report.
The reappraisal came after researchers found that the spy group showed itself capable of rapidly exploiting multiple “zero-day” bugs — previously unknown software glitches that leave security firms no time to defend against attacks, said John Hultquist, FireEye’s director of intelligence analysis.
