Code Reuse
The misuse of a tech leaked from an Italian hacking company has reportedly resulted in the spread of malicious code at South Korean websites related to North Korea.
On July 22, security experts warned that a piece of malicious code has been spreading from 5 local websites related to North Korea since July 8, including a North Korean defector gathering site and a site for studying North Korea. A drive-by download method was used to distribute malware, meaning malware was automatically installed in users' PCs when accessing relevant sites. When computers are infected with malware, important information stored in the PC can be sent to the malware creator's server.
After analyzing malicious code, experts found that the malware was connected to hacking source code leaked from the Italian spyware and hacking tool provider Hacking Team, which recently caused quite a stir.
“We found that a piece of malicious code was spread in five web sites related to North Korea,” said Choi Sang-myung, head of the Next Generation Security Research Center in Hauri, who first discovered the malware infection. He added, “After analyzing the malicious code, we found that two kinds of vulnerabilities of Adobe Flash Player that were obtained from data leaked by Hacking Team were used. And we also discovered that the same code as North Korean hackers mostly used was inserted in the malware.”
There is increasing anxiety about mobile cyber threats, since the incident shows the vulnerabilities of both PCs and smartphones. Among the source code leaked from Hacking Team, some enables hackers to steal the authority from smartphones instantly, and thus see and manipulate stored information by spreading mobile malware.