SEOUL (Reuters) – North Korean hackers have set up a fake website that looks almost identical to the popular South Korean web portal Naver, marking a more sophisticated attempt to target users in the South, Seoul’s spy agency said.
The National Intelligence Service (NIS) issued a warning this week, urging people to refrain from accessing the website called “Naver Portal” and said it was working with overseas organisations to track down the activity of the group it believed was behind the fake portal.
“North Korea’s hacking attacks targeting South Koreans are getting more elaborate,” the spy agency said in a statement on Wednesday.
Naver, which is operated by the tech giant of the same name, is South Korea’s most-used web portal and search engine and offers various services ranging from email, news aggregation and online shopping.
The NIS did not say how many people may have been tricked by the portal or had disclosed personal information.
A Naver representative on Thursday said: “We urge users to pay attention to the domain address when accessing Naver.”
North Korean hackers have been blamed for cyberattacks netting millions of dollars, though Pyongyang previously has denied being involved in cybercrime.
Earlier this year, the United Nations reported North Korea had stolen more cryptocurrency assets in 2022 than in any other year. International monitors say stolen money has been pumped into North Korea’s sanctioned nuclear and missile programs.
More than 70% of North Korean hacking attempts are via emails, most of them pretending to have been sent under the names of South Korean web portals such as Naver and Daum, the NIS said last month, describing them as “social engineering” attacks.
(Reporting by Hyunsu Yim; Editing by Ed Davies and Lincoln Feast.)
