According to a police investigation, 1,468 people were victims of hacking crimes committed by the so-called "Kim Suki" group, which is called a North Korean hacking organization, against foreign affairs and security experts and ordinary people in South Korea, a 30-fold increase from last year.

The National Police Agency's National Investigation Headquarters said that from March to October, it investigated cases related to the dissemination of malicious programs by the North Korean hacking organization "Kim Suki Kwon" by impersonating domestic investigative agencies and media outlets, resulting in 3,10 victims, and in particular, it found that they tried to steal the victims' virtual assets.

According to the police, Kim Suki sent emails pretending to be a reporter from a local TV station, an employee of the National Tax Service, or an employee of the National Police Agency, and sent the recipient (the victim) information and links that would be of interest to them.

When the recipient (victim) reads the link, a 'keylogging' program is installed on the victim's personal computer without the victim's knowledge to steal personal information.

In particular, unlike ransomware, this 'keylogging' program is installed without the victim noticing, and sensitive information such as keyboard inputs, such as ID and PW, is transmitted in real time to an overseas waypoint server operated by North Korea.

As such, it was revealed that there are 1 overseas waypoint servers (468 in Korea) operated by North Korea's Kim Suki forces around the world, and they mainly target the servers of small and medium-sized companies with weak security.

In addition to information theft, another type of crime committed by the North Korean hacking Kim Suki faction was that they tried to steal the victims' virtual assets directly.

Last year, the police explained that they installed a ransomware program to disable PCs and threaten to extort cash, and in addition, they tried to access the victim's virtual asset account and take it directly after hacking.

In addition, it has been confirmed that mining was carried out through a transit server overseas.

Earlier, the police announced that in December last year, the North Korean hacking organization Kim Suki committed a crime against 576 victims by impersonating the office of Rep. Thae Yong-ho and a reporter from a news agency, aiming to distribute ransomware.

A police official said, "It is not easy for the general public to identify whether a keylogging program has been installed," and urged the public to use an anti-virus program that can determine whether a keylogging program has been installed.

(Photo = Yonhap News)