According to a local news outlet Hankyung, five people are arrested in South Korea for injecting malicious codes in more than 6000 personal computers. The crime, so-called as ‘cryptojacking’, involved a malware in the form of code which exploits the PCs as zombie PC for virtual currency mining.
The Cyber Security Bureau of the National Police Agency stated in an official statement that four of the suspects are arrested. As per the reports only a single name ‘Kim’, who is just 24 years old, disclosed as of now.
Last year, in the time period October to December, Kim has his friends collected more than 32,000 e-mail IDS from the people who were seeking a job in their firm. Later, they send e-mails with a code known as ‘cryptojacking code’ to infect around 638 PCs. As per the police, the group of hackers sent the email with a fake proposal to the job applicants.
Picked Unemployment as Bait
According to the reports of the Cyber Bureau, hackers gained those e-mail addresses on recruitment platforms and various job forums. The people were trying to seek a job, as unemployment is an issue these days; therefore they picked this as chance to hack people.
The hackers then sent the email to the people who filled the application on the various recruitment platforms. The attractive interface took the attention of the people and the individual clicked on the misleading files and downloaded them on their PCs, believing that the files were sent by the firm. This led to installing malware on their PCs in the background without the permission of the individual.
However, some people had installed advanced antivirus on their PCs, which saved them from the infection as the software itself deleted the malware within three to seven days.
The local police said, “Because cybersecurity firms and anti-virus software operators responded quickly to the distribution of mining malware, the group of hackers was not able to generate significant revenue from their operation. In most cases, anti-virus software detected the malware within three to seven days. If the malware was detected, the hackers sent new malware, but it was detected again by anti-virus software,”
This scam was carefully planned and was able to penetrate into more than 6000 PCs, which led hackers to generate a profit of around 1000 USD.