North Korea Allegedly Used Antivirus Software to Steal Defense Secrets

A breach of South Korea’s military database by suspected North Korean hackers originated in compromised third-party cybersecurity software and was made possible by an unintended connection to the internet, according to people familiar with the attack.

.. it occurred within a military intranet believed to have been cut off from the internet and therefore protected from outside hacks.

.. To gain entry, North Korean hackers first attacked a Seoul-based firm, Hauri Inc., which makes the antivirus software installed on computers used by South Korea’s military, the people said. The hackers then embedded the malware onto the antivirus software, allowing North Korean operatives to infiltrate military servers.