South Korean Hackers Arrested for Infecting Computers with Crypto Mining Malware
South Korean hackers were arrested for installing malware on the computers of over 6,000 people. The Korean National Police Agency Cyber Bureau and local police joined efforts to arrest a group of five hackers led by Kim Amu-Gae, 24, who sent 32,435 emails containing crypto mining malware.
These emails were sent over a two-month period from October to December 2017. Posing as employers, the hackers sent messages to many job applicants. They disguised themselves as recruiters and then sent individual emails to all applicants.
According to South Korean police, the emails had crypto mining malware disguised as documents and files that were sent to people who filed their applications on the platform created by the hackers. Because of this fake bond of trust, more people opened the files or downloaded them believing that the documents were legitimate, and ended up installing the crypto program that ran in the background of their computers.
Most of the malware was deleted after anti-virus software detected it within a few days, but cybersecurity firms initiated an investigation of the mining scam, and local experts discovered the scheme and alerted the police.
Because the response was so quick, the group was not able to generate significant revenue at the time; only $1,000 USD in profit was generated. The malware was detected three to seven days after infection and infected a total of more than 6,000 people.
It should also be noted that the opening rate was actually pretty low for a high-effort scam. Fewer than 20 percent of the potential victims opened the software. Seen this way, this crypto malware campaign was an utter failure. Most users were not affected, and the ones that were stayed infected for only some months. Also, security firms reacted very fast.
The investigators told the local media that crypto jacking significantly reduces the performance of computers, can be very dangerous when institutions are exposed to it, and can have a serious effect on society at large. Because of this, the presence of anti-virus software was essential to quickly end the threat.
According to reports, the group mined Monero, a cryptocurrency that does not show your transactions and is therefore known as a privacy coin. The hash rate of Monero has experienced significant growth over the last months, and it looks like a good part of it comes from hacked computers.
According to BitcoinExchange, South Korea is a very crypto-intensive country. It might have only 0.67 percent of the world’s population, but it is the third biggest trader of Bitcoin globally and has 17 percent of all the Ethereum traders in the world. This might be another reason why so many crypto jacking scams and malware attacks come from the country.
Kevin Jones
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on the latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.