Seoul, Dec 4 (EFE).- North Korean hacker group Andariel has stolen information on key technologies from South Korean defense companies and pocketed more than $350,000 through ransomware attacks on other firms, Seoul police said Monday.
The United States Federal Bureau of Investigation collaborated with the Seoul Metropolitan Police Agency in the investigation of the case and continues to study the attack by Andariel, thought to be controlled by North Korea’s main intelligence agency, the Reconnaissance General Bureau.
The hackers used a loosely monitored South Korean server lender to access the websites of South Korean companies and institutions.
Hackers carried out 83 attack attempts from the Ryugyong-dong district of Pyongyang between December 2022 and March 2023 before managing to infiltrate the South Korean websites, according to Yonhap news agency.
The organizations attacked include an information technology service subsidiary of a South Korean conglomerate, research centers, universities, defense companies and financial institutions dealing with high-level science and technology.
The total volume of leaked data amounts to 1.2 terabytes and includes personal information of website users and information on laser-based air defense weapons, in addition to data relating to “key” defense technologies, it said.
Andariel also accessed data from three other South Korean companies through ransomware attacks, which prevent users from accessing their systems or files and demand the payment of a ransom to recover them.
The total amount pocketed was 470 million won (about $360,000) in digital coins, and it is believed that some of the ransoms were sent to North Korea, Yonhap reported.
According to police findings, about 110 million won was transferred to a Chinese bank through the account of a foreign woman, and the funds were withdrawn at a bank branch along the North Korea-China border, it added.
Authorities suspect that the funds were ultimately funneled to North Korea, and an investigation is underway into the woman’s financial and mobile communications records to determine whether this served as a conduit for money laundering. EFE