US election hacking fears: North Korean group poses as reporters in cyber attack

We will use your email address only for sending you newsletters. Please see our Privacy Notice for details of your data protection rights.

Kimusky, which is also known as Hidden Cobra, has been targeting think-tanks, as well as diplomatic and high-level organisations in Japan, South Korea and the US. The cyberespionage group, which has been active since 2012, is said to be seeking out foreign policy and national-security issues related to the Korean peninsula, along with nuclear policy and sanctions. Kimusky is also targeting the cryptocurrency industry.

The group is hiding under the guise of South Korean reporters, according to the US Cybersecurity and Infrastructure Security Agency (CISA).

They said: “Posing as South Korean reporters, Kimsuky exchanged several benign interview-themed emails with their intended target to ostensibly arrange an interview date and possibly build rapport.

“The emails contained the subject line, ‘Skype Interview requests of [redacted TV show] in Seoul.’ and began with a request to have the recipient appear as a guest on the show.

“The APT group invited the targets to a Skype interview on the topic of inter-Korean issues and denuclearisation negotiations on the Korean Peninsula.”

CISA added that Kimusky sent emails with malicious documents after recipients agreed to an interview.

When the date of the interview got closer, another email was sent cancelling the interview.

Erich Kron, security awareness advocate at KnowBe4, said: “This is another example of the seriousness of the modern cybercrime world and the resources behind them.

“With billions of dollars at stake every year and with warfare expanding to the digital realm in such a large way, it is no surprise that nation-states are involved.

“The days of thick manila envelopes full of papers, traditional dossiers on people or stealthy microfilm cameras whisking away our information are gone.

“Now, it is all a bunch of ones and zeros in easily searched databases.”

The warning comes after US president Donald Trump’s campaign website was hacked in a reported cryptocurrency scam.

A message was briefly displayed on the website, which said: “The world has had enough of the fake news spread [sic] daily.”

Christian persecution: North Korea horrors exposed in harrowing report [REVEALED]
North Korea crackdown: Kim Jong-un sends out COVID inspection teams [INSIGHT]
North Korea crisis: Desperate Kim hatches bizarre money-making plan [VIDEO]

The hackers also claimed the US administration was “involved in the origin of the coronavirus”.

There was then a message asking for cryptocurrency donations in exchange for access to information about interference in the election.

This has now been taken down.

Mr Trump’s re-election campaign team is investigating the security breach.

The campaign team said there was “no exposure to sensitive data because none of it is actually stored on the site”.

Trump campaign communications director Tim Murtaugh denied any

sensitive data was collected from this attack.

He told CNN: “The Trump campaign website was defaced and we are working with law enforcement authorities to investigate the source of the attack.

“There was no exposure to sensitive data because none of it is actually stored on the site.”

Source: Read Full Article