Seoul, Nov 10 A North Korea-linked hacking group has launched a new form of cyberattack that remotely controls Android smartphones and personal computers (PCs) to delete key data, including photos, documents and contact information, a report showed on Monday.
The group, believed to be affiliated with Pyongyang-sponsored groups Kimsuky or APT37, infiltrated victims' smartphones and PCs through malware distributed via KakaoTalk and stole account information for Google and major domestic IT services, according to the report by the Genians Security Center (GSC), a South Korean cybersecurity institute.
They remotely reset the smartphones after using Google's location-based tracking system to confirm the victims were outside their homes or offices, reports Yonhap news agency.
The remote reset halted normal device operation, blocking notification and message alerts from messenger apps and effectively cutting off the account owner's awareness channel, thereby delaying detection and response, the report explained.
Through this process, key data stored on the infected devices, including photos, documents and contacts, were completely deleted.
At the same time, the attackers spread malware disguised as "stress relief programs" to acquaintances through PCs and tablets already infected at the victims' homes or workplaces.
The GSC report said the hackers may have also used webcams on PCs to confirm whether victims are away from home, suggesting they may have monitored victims' movements through infected cameras.
The institute said this combination of device neutralisation and account-based propagation is "unprecedented" among known North Korean cyberattack operations.
"It demonstrates the attacker's tactical maturity and advanced evasion strategy, marking a key inflection point in the evolution of APT tactics," it added.
APTs, short for advanced persistent threats, refer to a series of sophisticated and long-term cyberattacks.
Last week, South Korea's defence ministry "strongly condemns" North Korea's suspected ballistic missile launch, calling for the North to halt acts that heighten tension between the Koreas.
The ministry said it "strongly condemns the recent ballistic missile launch by the North, and expresses deep regret for (the North's) statement denouncing South Korea-U.S. annual exercises and conference," the ministry said in a notice to the press.
It also called on North Korea to "immediately halt" all acts heightening tensions between the two Koreas.
On Friday, North Korea launched one suspected short-range ballistic missile toward the East Sea, the day after it warned of proper measures against the latest U.S. sanctions on Pyongyang.
Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor