North Korean hackers mimic internet giant Naver to extract data

By Kuksung Nam, The Readable
Jun. 14, 2023 6:10PM GMT+9

The South Korean intelligence agency issued a warning on Wednesday after discovering a duplicated fake website of the internet giant Naver created by North Korean state-sponsored hackers.

In a press release, the National Intelligence Service (NIS) stated that they discovered a phishing website nearly identical to Naver and attributed the hacking attempt to North Korean hackers. The cybercriminals created a fake website under a domain address “,” adding the word “portal” to the original address. South Koreans usually refer to the largest internet company’s webpage as Naver since it serves as the biggest search engine in the country.

According to the evidence disclosed by the intelligence agency, the attackers have meticulously copied the country’s most well used website and its subpages, making it impossible for users to discover the difference with the naked eye. The NIS explained that the cybercriminals are evolving their attacking methods to heighten their chances of extorting South Koreans’ personal information.

Until recently, North Korean hacking groups have created fake sign in pages and lured users to enter their credentials. According to a report issued by the NIS last May, which analyzed North Korea attributed cyberattacks from 2020 to 2022, 74% of their illegal activities were conducted through compromised emails. In those online messages, the hackers impersonated themselves as Naver 45% of the time and sent false security alert notices to trick users.

The NIS strongly advised South Koreans to cut off access to any other domain address except for the internet giant’s official one. “We have informed associated agencies about this hacking attempt, and they are working on blocking the phishing website,” said the NIS in the statement. “We are tracking state-sponsored hacking groups’ activities by sharing intelligence with foreign organizations, as the phishing site’s server is based aboard.”

The cover image of this article was designed by Areum Hwang.

Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.