A prominent hacking group known as CyberDragon has reportedly launched a cyber offensive against South Korea, targeting several government and financial institutions, as well as Incheon Airport in a distributed denial-of-service (DDoS) attack. As of now, there has been no confirmation of a data breach.
CyberDragon, which has affiliations with both Chinese and Russian entities, has been targeting countries critical of Russia’s actions in Ukraine. This recent attack appears to be in response to South Korea’s involvement in a Ukraine peace summit aimed at resolving the conflict with Russia. Seoul had previously increased its aid package to Ukraine to $394 million for the year 2024.
In a statement posted on the dark web, CyberDragon accused South Korea of promoting Russophobia and claimed responsibility for targeting numerous websites, including:
- Shinhan Financial Group, one of South Korea’s major financial institutions providing a wide range of financial services.
- Korea Eximbank (KEXIM), the official export credit agency supporting South Korea’s export-oriented economy.
- Korea Customs Service, responsible for customs and taxation in South Korea.
- Korean National Police Agency (KNPA), a national law enforcement agency.
- National Tax Service, overseeing taxation in South Korea.
The attack appears to have been a DDoS aimed at disrupting the services of these organizations, though it remains uncertain whether sensitive data was compromised. Despite the claim of an attack, the organizations affected have not publicly acknowledged any breach and have reportedly restored their websites’ functionality shortly after the incident.
CyberDragon has gained attention previously for similar operations, including a significant disruption in March 2024 that resulted in a 24-hour outage of a website and app, although the extent of data compromise in that incident was not confirmed.
The group’s operations underscore the ongoing challenges organizations face in defending against cyber threats. With geopolitical tensions influencing cyber activities, it is imperative for entities worldwide to maintain vigilance and enhance cybersecurity measures to mitigate such risks effectively.
Source: thecyberexpress.com
