North Korea has spoofed South Korea’s largest internet portal, Naver, in a phishing operation aimed at collecting personal data. Seoul’s secret services reported it. According to the National Intelligence Service (NIS), Pyongyang put online a phishing site that reproduced the home page of the South Korean search engine, including sections dedicated to news, stock market and real estate.
Naver is one of South Korea’s largest technology companies that offers services used by Internet surfers, including a mapping tool, payment methods, but also blogs and forums. The spoofed site, identified by South Korean intelligence as naverportal.com, was designed to crack Naver user IDs and passwords and give Pyongyang access to valuable personal information, the NIS said in a statement.
“As North Korea’s hacking methods against us are becoming more sophisticated, we urge everyone to be extremely vigilant and discontinue access if you notice that the page does not contain Naver’s standard login domain URL.” the NIS added. The South Korean Foreign Ministry explained in a statement that “North Korea conducts cyber attacks in all directions, including theft of cryptocurrencies and hacking of sensitive information, around the world“. This activity “not only causes material damage to innocent businesses and individuals, but also poses a serious threat to the entire global IT ecosystem,” it continues. According to Seoul, Tokyo and Washington, North Korea stole up to $1.7 billion in cryptocurrencies in 2022 and supported its weapons programs in part by gathering intelligence through “malicious cyber activities.”