Hacking attacks assumed to be conducted by North Korea are frequently launched against medical institutions, such as large hospitals or pharmaceutical companies. These medical institutions mostly hold COVID-19 vaccine-related information, raising a suspicion that the North is trying to steal vaccine information.
According to the security industry on Wednesday, a hacker from a hacking group titled Kimsuky under the Reconnaissance General Bureau of North Korea opened a phishing website that replicates the website of Severance Hospital of Yonsei University around 10:55 a.m. on Tuesday.
It is believed that North Korean hackers send emails to the employees of Severance Hospital to lead them to access the phishing website and input IDs and passwords. Then, the hackers access the actual corporate groupware to steal personal information. It has not been confirmed how many employees have received the email and if any information has been stolen through the website.