February 23, 2024 at 01:56PM
North Korean hackers have been found spying on Russia by planting a backdoor within Russian government software. The backdoor was bundled inside a Russian-language installer associated with an internal tool, “Statistika KZU,” used by Russia’s Ministry of Foreign Affairs. This reveals a targeted and precise approach by North Korean hackers in their cyber activities against Russia.
Key takeaways from the meeting notes:
– North Korean state hackers have been targeting Russia by placing a backdoor inside internal government software.
– The backdoor was found in Russian-language installer associated with a software called “Statistika KZU,” likely used by Russia’s Ministry of Foreign Affairs for relaying annual statistical reports from overseas consular posts.
– The use of the backdoor in software exclusively used by the Russian Foreign Ministry indicates a targeted and precise approach by North Korean hackers.
– Despite the longstanding friendship between Russia and North Korea, the latter’s hackers have been conducting extensive spying activities on Russian companies, diplomats, and policy experts for several years.
– The potential information-gathering efforts of North Korean hackers targeting Russian foreign policy end-targets have raised questions about how they could have known about internal Russian government software.
– Bambenek points out that spying on putative allies is not uncommon for intelligence agencies, either to strengthen the relationship or to identify and mitigate threats.
These takeaways highlight the targeted and sophisticated nature of North Korean state hackers’ activities, particularly their use of backdoors in specific Russian government software and their history of spying on Russian entities despite the friendly relationship between the two countries.