Go to contents

North Korean hackers withdraw from their hub in Shenyang

North Korean hackers withdraw from their hub in Shenyang

Posted January. 11, 2018 08:09,   

Updated January. 11, 2018 08:28


North Korean hackers have reportedly left Chilbosan hotel in Shenyang of Liaoning Province, China at the end of last November, about a month earlier the hotel was permanently closed on Tuesday. The hotel used to be a hub of North Korean hackers.

“North Korea’s IT engineers who had engaged in illegal hacking activities stayed in Chilbosan hotel,” said sources familiar with the North on Wednesday. “As the hotel’s closure approaches, they seem to have withdrawn from the hotel with hacking equipment as they are afraid of being caught.”

About 20 to 30 North Korean hackers are estimated to have stayed in the hotel, which is only 5 percent of approximately 500 IT experts working in Yanji of Jilin Province. However, while IT engineers in Yanji were relocated to earn more foreign money, IT engineers in Shenyang were mostly engaged in spying mission. Most of the North’s hacking activities have been found to be orchestrated from Shenyang. For example, South Korea’s national defense network was hacked by servers with IP addresses in Shenyang in September 2015, according to the military’s finding.

Dandong Hongxiang Group, which had been sanctioned for its legal transactions with the North, and Chilbosan hotel, which had been operated as a joint venture, closed on Tuesday.

Wan-Jun Yun zeitung@donga.com · Dong-Yeon Jung call@donga.com