An Elite Spy Group Used 5 Zero-Days to Hack North Koreans
On Thursday, researchers at Google’s Threat Analysis Group announced that an unknown group of hackers used five zero-day vulnerabilities to hack North Koreans in 2019. Although many North Koreans have extremely limited access to the internet, the ones who do have been targeted by a sophisticated hacking spree that may have been the work of a South Korean hacking group. The exploited flaws were in Internet Explorer, Chrome and Windows and were combined with phishing emails that contained malicious attachments or links to malicious sites.
When victims clicked the attachments or links, their devices were infected via their browsers. Although Google did not release the attackers’ identities, the Russian security firm Kaspersky told WIRED that it had linked the campaign to DarkHotel, a group that has historically targeted North Koreans and may have connections to the South Korean government.