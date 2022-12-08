Google’s Threat Analysis team found that hackers supported by the North Korean government spread malware in South Korea by making reference to the deadly Halloween crush in Seoul. The infection was hidden in Microsoft Office documents made to look like a government study on the tragedy. Over 150 people lost their lives when tens of thousands of teenage partygoers were crammed into tiny alleyways.

The Threat Analysis Group noted that “this occurrence was widely reported on” and that “the lure takes advantage of broad public interest in the tragedy.”

According to Google’s analysis, the activity was carried out by a North Korean hacking group called APT37, which aims to compromise South Korean users, North Korean defectors, policymakers, journalists, and human rights activists.

After receiving many reports from South Korean customers on October 31, it notified Microsoft of the issue. On November 8, Microsoft released a fix. Additionally, Google stated that it is still determining the malware’s ultimate goal despite having discovered that it used a flaw in Internet Explorer.

To fund its nuclear and ballistic missile programmes, North Korea has been accused by a United Nations panel of experts monitoring sanctions on the country of utilising stolen monies obtained through hacking.

North Korea does not reply to media requests for comment but has denied hacking charges.

Government officials advised companies in South Korea on Thursday not to hire IT specialists from North Korea.

The United States issued a similar warning in May, claiming that disgruntled North Korean freelancers were using the anonymity of the internet to make money for Pyongyang.