VERY IMPORTANT

Around the middle of 2017, various customized target attacks have emerged using Koreas popular communication services. This approach can be categorized as a kind of social network phishing (SNP) technique. The attack targets are those who are mainly engaged in North Korea related fields in Korea, and the attacks were carried out very secretly. In the early days, Android smartphone users became a major target and SNPs were used to spread Android malicious apps (APK). Attackers are beginning to use PC-based attacks to realize that there are users who use the instant messenger service version for PC while using this attack method. A case has been identified in which the Flash Player zero-day vulnerability has been exploited in this process.