May 1 (UPI) -- A South Korean cybersecurity firm has identified a North Korea hacking group that recently launched a spear-phishing attack while impersonating employees of Seoul's unification ministry.
East Security Response Center said Wednesday the breach, which was used to target people last weekend, was undertaken by hackers who attack North Korea advocacy groups and included emailed attachments with malicious code, local newspaper JoongAng Ilbo reported.
The firm's chief executive Moon Jong-hyun said his company has dubbed the group "Venus 121," and that the hackers have been active since at least 2017. The most recent breach and other attacks follow a similar pattern, the firm said.
"The cyberattackers are given a name according to the hacking method used, and the users they targeted," Moon told the JoongAng, adding Venus 121 has a "hidden meaning" and is likely a North Korea "government-sponsored organization." He also said unless the North Korean government confirms the cyberattack, his firm cannot with finality say the attack was of North Korean origin.
North Korea has been accused of other hacking incidents, including the cyberattack against Sony Pictures in 2014. The U.S. Department of Justice said in 2018 the hacking of the Bangladesh central bank in 2016, the 2014 Sony breach and a 2017 Ransomware attack were the work of Pak Jin Hyok, a North Korean national.
North Korea rights activists are being targeted at a time when North Korea state media is championing engagement South Korea groups.
KCNA reported Wednesday South Korean labor unions had called for the enforcement of the Panmunjom and Pyongyang declarations between North and South.
Labor unions in the South have previously hosted North Korea labor groups for civic exchange.