New research by IssueMakersLab has identified a unique state-sponsored threat campaign targeting retired South Korean government and military officials. Between July and August of this year, hackers linked to the North Korean regime sent spear phishing emails to the accounts of former officials. The emails contained malicious links that redirected victims to fake login pages in an attempt to harvest account credentials.
IssueMakersLab founder Simon Choi says that retired South Korean officials make for attractive targets because they “are engaged in government advisory activities, and they maintain ties with incumbent government officials.” The campaign likely aimed to gather information on victims and possibly to use compromised accounts to target incumbent officials, whose accounts are protected by government infrastructure.
Read more: North Korean state hackers target retired diplomats and military officials