North Korea hacked a South Korean nuclear research institute. The attack on South Korea's state-run Korea Atomic Energy Research Institute was able to take place due to an exposed VPN flaw.
- An IP address associated with the attack has been linked to Kimsuky, a North Korean group known for cyber attacks against think tanks and nuclear power-related entities in South Korea.
- This is just one of Kimsuky's latest malware-related attacks on government entities. The group installs a Windows and Android backdoor called AppleSeed on devices, which steals information from victims.
- Other entities targeted by Kimsuky include the Ministry of Foreign Affairs, the Deputy Consul General at Korean Consulate General in Hong Kong, the Ambassador of the Embassy of Sri Lanka, and the Nuclear Security Officer of the International Atomic Energy Agency.