North Korean agents trying to break blogs?


North Korean Economic Report

For those of you not reading the independent North Korean Economic Report site, its writer Curtis Melvin is reporting some fresh attacks against their systems that seem to have come from their namesake. And I thought I had tough critics.

A few months ago I wrote about two attempts to hack into my computer. The post is here if you are interested. Well, since then I have fended off no less than six attempts to break into my computer–including two attempts just today (three this week). One email containing a virus was ostensibly from a North Korea expert and the second email was intended to look like it came from the Korea Economic Institute (it even referenced an actual upcoming event of theirs). I know of several others who have been targeted and some who have even been infected so please be careful out there. Someone is still not playing nice.

No kidding.

For those of you not familiar with the site, North Korean Economy Watch is a fascinating blog on not just the economics of North Korea (that they glean facts about through watching it, I'm assuming) but also a ton more other stuff with plenty of photos, maps and links. I follow very few blogs like this, but only because ones of this calibre are so hard to find these days in an ocean of me-too gadget blogs with hundreds of writers. Really, how many more of those do we need!? But I digress.

I don’t come up with these terms

I haven't read into the finer details of the attack, but it seems like a case of spear phishing, or "weaponised" email to use the latest security conference parlance. Instead of using botnets of readily infected Windows machines, some of the craftier malicious hackers are now targeting specific recipients by searching for vulnerabilities and exploiting them to deliver their payload. In this case, some social engineering was employed to (attempt to) trick the North Korean Economy Watch folks by disguising the email as being from an agency they have a relationship with, in order to lull them into a false sense of security so they'd lower their guard. Once you've done that, you can wreak havoc on their systems (or site accounts, or credit cards in other cases).

I'm relieved their site is okay, and that they practice due diligence when reading email; most people don't, which is what terrifies me. No doubt we haven't heard the last of such attacks.

On an unrelated note, I have a sudden craving for kimchi, haven't had it in ages. Who's up for some?

Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person. Hi!
