Share

Related Stories

Top 5 Stories

News

Cyber threat targets South Korean government

09 July 2012

South Korean government agencies have been the target of cybersecurity attacks that employ a malicious HWP word processing document designed to exploit a vulnerability in the software, explained AhnLab in a recent alert.

The Korean security firm recently identified emails with a malicious HWP attachment that is designed to exploit a zero-day type of vulnerability in the Korean-language word processing software.

The attached malicious file is disguised as a document from the government archives. Titles of the bogus documents include 'The Strategic Approach to North Korean Nuclear Issue', 'Agenda for Unification of North and South Korea Conference', 'Improving the Department of Defense System Engineering of XX University', and 'Technology for National Defense System'.

Once downloaded, the document infects the victim’s machine with malware that is able to collect the record of web access, hardware, and OS data and send it to a command and control (C&C) server, according to AhnLab.

Once connected to the C&C server, the malware is able to upload and download the files from the infected machine, as well as collect the IP and proxy address.
 

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security  •  Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×