North Korean Hackers Cited in Rare Attack in Israel

The plot was uncovered when an employee of the unidentified Israeli firm received an email from a colleague in broken Hebrew

Oded Yaron
Oded Yaron
Send in e-mailSend in e-mail
North Korea's leader Kim Jong Un attends a welcoming ceremony at the Presidential Palace in Hanoi , Vietnam, March 1, 2019.
North Korea's leader Kim Jong Un attends a welcoming ceremony at the Presidential Palace in Hanoi , Vietnam, March 1, 2019.Credit: Reuters
Oded Yaron
Oded Yaron

The North Korean hacker group Lazarus targeted an Israeli security company for industrial espionage purposes, ClearSky, a cybersecurity firm, reported on Sunday.

ClearSky said the cyberattack was discovered on March 7, when an employee of the unidentified security company received a suspicious-looking message from a colleague on his company’s internal messaging system.

The email, which was written in broken Hebrew, contained a malicious file that was uploaded for examination to the online service VirusTotal, which allows files to be checked by dozens of antivirus programs simultaenously.

To really understand Israel and the Middle East - subscribe to Haaretz

“We believe with moderate certainty that the attack was carried out by the North Korean Lazarus group. If that is true, it would be one of the firs [by the group] directed at Israel, as far as we know,” the report said.

FILE Photo: ClearSky Cyber Security CEO Boaz Dolev. Credit: No credit

North Korea has its own unique characteristics,” ClearSky CEO Boaz Dolev told Haaretz. “It stages attacks as a country would and steals money like a criminal organization.”

One of the issues that is currently preoccupying the cybersecurity industry is concern over computer software vulnerabilities that are unknown to cybersecurity experts or even to software developers themselves.

Until they are discovered and blocked by software patches or other means, they can be exploited to commit cyberattacks. Such vulnerabilities are considered the holy grail of cyberespionage and companies and intelligence agencies are prepared to pay tens of thousands of dollars or more for information about such potential breaches.

But in the case at hand, as in many others, the vulnerability — due to the fact that the email as opened with Winrar software that had not been updated — had been publicized by Israel’s Check Point Software Technologies last month. But it’s doubtful that most users have updated their software.

Dolev added: “The case of Winrar is especially worrisome because it’s a program installed on hundreds of millions of computers in Israel and all over the world, but it doesn’t have an automatic update mechanism to provide protection if necessary.”

Click the alert icon to follow topics:

Comments

SUBSCRIBERS JOIN THE CONVERSATION FASTER

Automatic approval of subscriber comments.

Subscribe today and save 40%

Already signed up? LOG IN

ICYMI

U.S. antisemitism envoy Deborah Lipstadt and Prime Minister Yair Lapid shake hands, on Monday.

U.S. Envoy: ‘If This Happened in Another Country, Wouldn’t We Call It Antisemitism?’

Dr. Claris Harbon in the neighborhood where she grew up in Ashdod.

A Women's Rights Lawyer Felt She Didn't Belong in Israel. So She Moved to Morocco

Avi Zinger, the current Israeli licensee of Ben & Jerry’s, who bought the ice cream maker's business interests in Israel.

Meet the Israeli Who Wants to Rename Ben & Jerry's Chunky Monkey ‘Judea and Samaria’

Election ad featuring Yair Lapid in Rahat, the largest Arab city in Israel's Negev region.

This Bedouin City Could Decide Who Is Israel's Next Prime Minister

Mohammed 'Moha' Alshawamreh.

'It Was Real Shock to Move From a Little Muslim Village, to a Big Open World'

From the cover of 'Shmutz.'

'There Are Similarities Between the Hasidic Community and Pornography’