N Korean hackers may attack 20 lakh Indians with Covid-19 phishing emails


New Delhi, Jun 20 (IANS): India is among six nations that may see a large cyber attack on June 21 in the form of Covid-19 themed phishing campaign from North Korean state hackers.

The attack are part of the Lazarus Group's large-scale campaign targeting more than 50 lakh individuals and businesses, including small and large enterprises, across six countries: India, Singapore, South Korea, Japan the UK and the US, according to a ZDNet report on Friday.

"The North Korean hacker group is looking to gain financially from the campaign, where targeted email recipients will be asked to visit fraudulent websites and lured into revealing their personal and financial data," according to Singapore-headquartered cybersecurity vendor Cyfirma.

Lazarus' hackers claimed to have details of 11 lakh individual email IDs in Japan, another 20 lakh in India, and 180,000 business contacts in the UK.

The attack would include 8,000 organisations in Singapore where the business contacts highlighted in an email template were addressed to members of the Singapore Business Federation (SBF), said the report.

Introduced in 2001 by the Ministry of Trade and Industry, SBF is responsible for promoting Singapore businesses and currently represents 27,200 companies.

"The targeted Singapore businesses would reportedly receive phishing email messages -- written in Chinese -- from a spoofed Ministry of Manpower account, supposedly offering additional payouts for employees under the government's Covid-19 support packages".

According to Cyfirma's Founder and CEO Kumar Ritesh, they have notified government CERTs (Computer Emergency Response Team) in Singapore, Japan, South Korea, India, and the US, as well as the UK National Cyber Security Center.

All six agencies had acknowledged the alert and currently were investigating.

"In the past six months, we have also monitored hacker activities related to the COVID-19 pandemic, especially with regards to hoax, phishing, and scam campaigns," Ritesh was quoted as saying.

Lazarus group is controlled by the Reconnaissance General Bureau, North Korea's primary intelligence bureau.

The Lazarus Group's activities were widely reported after it was blamed for the 2014 cyber attack on Sony Pictures Entertainment and the 2017 WannaCry ransomware attack on countries including the US and Britain.

In September last year, a malware created to infiltrate Indian ATMs and steal customers card data was traced by Kaspersky security researchers to the Lazarus group.

  

Top Stories

Comment on this article

  • John, Mangalore

    Sat, Jun 20 2020

    Need to delete chinese apps also communists are showing their godless colors now, how they are united now to bring chaos and their godless rule everywhere. We need strong prayers to protect our infrastructure, our military and our mother land also so that God could fix them for their wicked adventures as there are lot meteors, asteroids, comets these days God has kept it for these times.

    Refer following site for current meteors, asteroids, comets.... https://minorplanetcenter.net

    DisAgree [1] Agree [6] Reply Report Abuse

  • smr, Karkala

    Sat, Jun 20 2020

    The BJP worker has already burned the North Korean President 'Kim Jong-un' mocks for China 'Xi Jinping' for border killing of our soliders.

    There are already many fake accounts form BJP IT cell that was even forwarded by the top BJP leaders to blame the border tension of Congress leader Rahul Gandhi.

    Jai Hind

    DisAgree Agree [15] Reply Report Abuse


Leave a Comment

Title: N Korean hackers may attack 20 lakh Indians with Covid-19 phishing emails



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.