North Korean hackers target S.Korea’s shipbuilders

North Korean hackers target S.Korea’s shipbuilders

North Korea-linked state-sponsored hacker groups orchestrated a series of cyberattacks on South Korean shipbuilding companies in August and September 2023, the National Intelligence Service of South Korea revealed in a public alert.

The NIS believes that these hacking attempts were part of North Korean leader Kim Jong Un's strategy to strengthen its naval military power by building advanced warships.

The intelligence agency said that the attacks involved phishing emails designed to infect victims with malware.

The NIS didn’t disclose what shipbuilding companies were affected nor it provided any specific details about the damage caused by the intrusions or what North Korean threat actors were behind the attacks.

Recently, a North Korean state-sponsored hacker crew known as Lazarus Group has been observed using a previously undocumented backdoor in an attack targeting a Spanish aerospace company. After gaining access to the network, the Lazarus hackers deployed multiple payloads, including a previously unseen remote access trojan (RAT) called ‘LightlessCan.’


Back to the list

Latest Posts

Over 80K Roundcube webmail servers affected by high-severity RCE flaw

Over 80K Roundcube webmail servers affected by high-severity RCE flaw

Researchers report that an exploit for the vulnerability is already being sold on underground forums.
10 June 2025
Vulnerable Wazuh servers targeted by two Mirai botnets

Vulnerable Wazuh servers targeted by two Mirai botnets

The botnets exploited the flaw to fetch and execute a malicious shell script that serves as a downloader for the main Mirai malware payload.
10 June 2025
China-linked hackers target 70+ orgs across wide range of sectors

China-linked hackers target 70+ orgs across wide range of sectors

The researchers noticed overlaps between PurpleHaze and Chinese cyber espionage groups tracked as APT15 and UNC5174.
10 June 2025