Have North Korea-Backed Hackers Initiated a New Cyber Attack?

Synopsis

A recent report reveals that a North Korea-affiliated hacking group has launched a new cyber attack campaign known as 'Artemis.' This operation embeds malicious code in documents, showcasing ongoing sophisticated infiltration tactics. As cyber threats evolve, understanding their impact on national security is crucial.

Key Takeaways

  • North Korea-linked hackers are evolving their cyber attack tactics.
  • The Artemis campaign embeds malicious code in HWP documents.
  • APT37 is a key player in these cyber infiltration attempts.
  • Victims are often targeted through popular messaging platforms like KakaoTalk.
  • This highlights the need for improved cybersecurity measures in South Korea.

Seoul, Dec 22 (NationPress) A cyber hacking group associated with North Korea seems to have initiated a new cyber attack operation, known as "Artemis," which incorporates malicious code within computer files, according to a report released on Monday.

The Genians Security Center (GSC), a cybersecurity institute based in South Korea, indicated in a report that it detected this operation, thought to be executed by APT37, a cyber hacking group supported by Pyongyang, as reported by Yonhap news agency.

The report revealed that the threat actors have embedded malicious object linking and embedding (OLE) code within Hangul Word Processor (HWP) documents. The attack sequence begins when a user allows the document's content to open and clicks on a hyperlink contained within the file.

HWP is a document file format that is widely recognized as a standard in South Korea.

These findings come in the wake of an October report by 38 North, a U.S.-based website that monitors North Korea, which indicated that North Korean cyber operators have consistently exploited the HWP format to penetrate government, military, and crucial industrial networks in South Korea.

According to the GSC report, "This attack exemplifies APT37's ongoing trend of advanced reconnaissance and infiltration activities." It also emphasizes that the group continues to enhance its capabilities by utilizing sophisticated technical methods.

In November, another hacking group linked to North Korea executed a novel cyberattack that remotely accessed Android smartphones and personal computers (PCs) to erase essential data, including photos, documents, and contact details.

This group, believed to be associated with Kimsuky or APT37, infiltrated victims' smartphones and PCs via malware disseminated through KakaoTalk and pilfered account details for Google and major domestic IT services, as per the Genians Security Center report.

They executed a remote reset on the smartphones after using Google's location-based tracking system to ascertain that the victims were outside their residences or offices.

This remote reset disrupted normal device operations, blocking notifications and message alerts from messaging apps and effectively severing the account owner's awareness channel, thus delaying detection and response, the report elaborated.

As a result, key data stored on the infected devices, including photos, documents, and contacts, were irretrievably deleted.

Point of View

It is imperative to recognize the increasing sophistication of cyber threats posed by North Korean hackers. The recent developments underscore the necessity for heightened vigilance and proactive measures to safeguard national digital infrastructures.
NationPress
22/12/2025

Frequently Asked Questions

What is the 'Artemis' cyber attack?
The 'Artemis' cyber attack is a campaign initiated by a North Korea-linked hacking group that embeds malicious code within computer files, particularly targeting HWP documents.

Who is behind the 'Artemis' cyber attack?
The attack is believed to be carried out by APT37, a cyber hacking group associated with the North Korean government.

What type of files are being targeted?
The attack primarily targets Hangul Word Processor (HWP) documents, which are commonly used in South Korea.

How does the attack work?
The attack is triggered when a user opens the infected document and clicks on a hyperlink, activating the embedded malicious code.

What other cyber threats are linked to North Korea?
Recent reports indicate that North Korean hackers have also launched attacks that remotely control smartphones and PCs to delete sensitive data.