Tag: hacking

South Korean Man Arrested for Hacking 400,000 Apartment Cameras

This is why I don’t have cameras inside of my house; they are just too easy to hack:

This image, taken on Dec. 20, 2022, shows devices that were seized by police as part of their investigation into the hacking of built-in home cameras. (Yonhap)

A hacker in his 30s was arrested on charges of infiltrating built-in home cameras at over 600 different apartment complexes and distributing recorded footage, police said Tuesday.

In South Korea, it is common for internet-connected home security devices with cameras to be installed in apartment complexes. A wall-pad device, which is attached to the wall, can activate other devices inside the house.

The hacker, only identified by his surname Lee, is under suspicion of hacking wall-pad devices of more than 400,000 households in 638 different apartment complexes between August and November of last year, according to the National Police Agency (NPA).

Yonhap

You can read more at the link.

U.S. Treasury Department Sanctions North Korean Hacking Groups

Somehow I doubt these North Korean hacking groups own any property in the U.S., which would make these sanctions more or less a PR effort:

The United States on Friday sanctioned three entities it accused of conducting cyber attacks on behalf of the North Korean government to generate revenue for the regime’s nuclear and missile programs.

The Department of the Treasury said the new measures target Lazarus Group, Bluenoroff, and Andariel, all of which are controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence bureau.

Lazarus Group’s activities were widely reported after it was blamed for the 2014 cyber attack of Sony Pictures Entertainment and the 2017 WannaCry ransomware attack on countries including the U.S. and Britain.

Bluenoroff and Andariel, the Treasury said, are sub-groups of Lazarus Group.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs,” Treasury Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker said in a statement.

“We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks,” she said.

The sanctions freeze all of the entities’ property and interests in the U.S., as well as those of other entities that are owned 50 percent or more by the three groups.

Yonhap

You can read more at the link.

Seoul Says Hackers Are Responsible for Sending Official Emails Claiming Rift in US-ROK Alliance

Even if the person’s email was hacked, why were state agencies sending classified documents over an unclassified network to begin with? This is worse than the alleged hacking:

Cheong Wa Dae is looking into possible hacking cases, in which emails intended to create a rift in alliance between South Korea and the United States have been sent out using the accounts of at least two senior officials.

Citing recipients of these emails, the presidential office said this is to either steal classified information on North Korea policy or drive a wedge into the South Korea-U.S. alliance by using fake documents.

“We take each case very seriously and asked the National Police Agency to look into them thoroughly,” a presidential aide said asking not to be named.

The latest cases increased concerns over fake news at an alarming rate. This was because vernacular newspaper The Asia Business Daily, after obtaining a fake document on the U.S. mistrust of South Korea, published a related story on Nov. 27.

“It is way beyond a misreport and what we’re facing is the most malicious case in journalism history,” said Cheong Wa Dae spokesman Kim Eui-kyeom. “The way false information has been produced and disseminated is very elaborate.”

He added Cheong Wa Dae will “hunt down those who are responsible,” claiming the information itself was aimed at creating a rift between the two allies and therefore is anti-governmental.

In the first case, someone who pretended to be Presidential Secretary for State Affairs Yun Kun-young sent mails at the beginning of this year to multiple ministry officials.

The suspect then demanded recipients to hand over digital documents related to North Korea policy.

It remains uncertain how many shared classified information with the suspect.

One of the recipients raised a question over why such sensitive content was sent through Yun’s private email address, and not the one created by Cheong Wa Dae. He called Yun to confirm accordingly.  [Korea Times]

You can read more at the link, but they don’t know who conducted the alleged hacking.  Considering that the alleged hacking was done with the purpose of creating a rift in the US-ROK alliance, China or North Korea seem like likely suspects.

North Koreans Steal OPLAN Because Someone Left an Unclassified Computer Plugged Into Its Secret Network

Here is how the North Koreans were able to get access to OPLAN 5015:

A South Korea lawmaker recently disclosed that hackers suspected to be North Korean gained access to Seoul’s highly secured military intranet in September 2016 and made off with the US and South Korea’s secret war plans.

“It’s a ridiculous mistake,” the lawmaker, Rhee Cheol-hee, told The Wall Street Journal.

North Korean personnel reportedly attacked a South Korean cybersecurity firm and embedded themselves in the software. South Korea’s military used the software on its military computers, but the North Koreans still shouldn’t have been able to get in because Seoul keeps its internet, or outwardly connected network, separate from its intranet, or private network.

But it took only one computer plugged into both the internet and the intranet for the North Koreans to break in, The Journal reported.

“They should have removed the connector jack immediately after maintenance work,” Rhee said.

As a result, North Korea reportedly got ahold of Operation Plan 5015, the US and South Korea’s secret war plan to kill the North Korean leader Kim Jong Un.  [Business Insider]

Maybe someone with IT experience can tell me why an unclassified networked computer needs to be plugged into a classified network for maintenance reasons?

ROK Police Say North Korean Hackers Did Not Access Classified Defense Documents

This is why classified information is not stored on an unclassified network because it is so easy for hackers to get access to it:

Hours after police revealed that North Korea gained access to a host of defense-related documents during a hacking attack in February, the South Korean military asserted that no military secrets were included in the leaked documents.

A military official said on Monday that most of the 42-thousand documents stolen from South Korea’s SK Networks and Korean Air by the North are already open to the public.

The leaked documents reportedly include the design map of the wing of the U.S. F-15 fighter jet and photos of parts of a medium altitude unmanned surveillance vehicle.

The compromised data of the U.S. F-15 fighter jet is said to be simple specifications of the jet’s external design such as its length and width, and has no relevance to South Korea’s F-15K.  The military said that the core part of the design of the medium altitude unmanned surveillance vehicle was not leaked.  [KBS World Radio]

Sony Hack Sends Effective Warning to Other Hollywood Film Studios from North Korea

This hack of Sony by likely North Korean hackers is actually turning out to be a very effective way for the North Koreans to influence how Hollywood tries to depict their country in future films.  The Kim regime has clearly had enough of being the stereotypical bad guys for various Hollywood films and the leak of these internal Sony emails is proving to be highly embarrassing and could lead to legal action against the company for many years to come:

The hits on Sony keep coming.

As journalists pore over hundreds of thousands of internal Sony emails the hacker group calling itself Guardians of Peace started releasing on Nov. 24, more sensitive information continues to be uncovered, including revelations published on Friday by The Daily Beast, Re/code, Gawker, and The Verge.

To date, the hackers have released Sony executives’ salaries, top-secret profitability data, employees’ Social Security numbers, embarrassing emails and at least five films and opened up legal risks for years to come. The most revealing information leaked so far has come from the email exchanges between studio execs and Hollywood’s elite. Here are 10 of the latest developments. [Yahoo Movies]

You can read more at the link, but surely any Hollywood film company is going to think twice about making North Korea the stereotypical bad guys for their films after this cyberattack against Sony.