South Korean police arrested five people for injecting malware into the computers of more than 6,000 people. Local police worked with the Cyber Bureau of the Korean National Police Agency to arrest a group of five hackers led by Kim Amu-Gae, 24, who sent out 32,435 emails containing crypto-jacking malware.
These emails were sent over a period of two months, from October to December 2017. The hackers presented themselves as employers: they played the role of recruiters and then sent individual e-mails to many job candidates.
The South Korean police believe that the e-mails contained crypto-jacking malware disguised as documents and files, sent to people who had submitted their applications on the platform created by the hackers. Because of this misplaced trust, more and more people opened or downloaded the files, believing the documents were legitimate, and ended up installing the mining program, which then ran in the background of their computers.
Thanks to anti-virus software, most of the malware was eliminated within a few days. Computer security companies also started an investigation into the mining fraud, and local experts discovered the scheme and alerted the police.
Because the response was so rapid, the group was not able to generate significant revenue. In most cases, the malware was detected three to seven days after infection, so although it infected a total of over 6,000 people, the group made a profit of only about $1,000 USD.
It should also be noted that the open rate was quite low for such an intensive scam: less than 20% of potential victims opened the software. Viewed this way, the crypto-jacking campaign was a total failure. Most users were not affected, and those who were remained infected for only a few months. Furthermore, security companies reacted very quickly.
Investigators told local media that crypto-jacking significantly reduces computer performance, can be very dangerous when institutions are exposed to it, and can have a serious effect on society in general. For this reason, the presence of anti-virus software was essential to ending the threat quickly.
According to reports, the group mined Monero, a cryptocurrency that does not reveal its users' transactions and is therefore known as a privacy coin. Monero's hash rate has grown significantly in recent months, and it seems that a good part of that growth comes from hacked computers.
South Korea is a very crypto-intensive country. It may have only 0.67% of the world's population, but it is the third-largest Bitcoin trader globally and has 17% of all Ethereum traders in the world. This could be another reason why so many scams and malware attacks come from the country.