Alphabiz - CJ OliveNetworks Digital Certificate Compromised in Suspected North Korean Cyberattack

속초25.5℃
북춘천20.5℃
철원20.4℃
동두천21.7℃
파주20.0℃
대관령20.5℃
춘천20.6℃
백령도22.8℃
북강릉25.6℃
강릉26.7℃
동해27.1℃
서울23.2℃
인천24.7℃
원주21.7℃
울릉도25.6℃
수원23.4℃
영월20.3℃
충주22.8℃
서산24.2℃
울진27.7℃
청주25.3℃
대전24.5℃
추풍령23.3℃
안동23.2℃
상주23.3℃
포항26.1℃
군산25.1℃
대구24.5℃
전주26.0℃
울산26.7℃
창원26.4℃
광주24.2℃
부산27.5℃
통영25.1℃
목포25.5℃
여수25.6℃
흑산도25.1℃
완도25.3℃
고창25.8℃
순천22.2℃
홍성23.3℃
서청주23.1℃
제주27.7℃
고산28.7℃
성산27.8℃
서귀포28.6℃
진주24.5℃
강화23.1℃
양평19.7℃
이천21.3℃
인제20.1℃
홍천20.4℃
태백20.7℃
정선군19.9℃
제천20.4℃
보은22.7℃
천안23.0℃
보령26.9℃
부여23.5℃
금산23.9℃
세종24.5℃
부안25.6℃
임실23.2℃
정읍25.4℃
남원23.2℃
장수22.3℃
고창군25.6℃
영광군25.2℃
김해시26.0℃
순창군22.9℃
북창원26.3℃
양산시25.7℃
보성군25.3℃
강진군25.7℃
장흥24.2℃
해남26.1℃
고흥25.3℃
의령군22.9℃
함양군23.2℃
광양시26.7℃
진도군26.6℃
봉화20.4℃
영주21.7℃
문경22.1℃
청송군24.6℃
영덕28.0℃
의성24.3℃
구미24.3℃
영천24.4℃
경주시25.6℃
거창23.7℃
합천24.3℃
밀양24.5℃
산청24.4℃
거제26.2℃
남해25.1℃
북부산26.7℃

2025.09.16 (화)
모바일버전

CJ OliveNetworks Digital Certificate Compromised in Suspected North Korean Cyberattack: Reporter Kim Jisun / approved : 2025-05-08 03:35:16

Photo courtesy of CJ

[Alpha Biz= Kim Jisun] As SK Telecom continues to face backlash over recent USIM hacking incidents, another major South Korean conglomerate has fallen victim to a cyberattack. A digital certificate file belonging to CJ OliveNetworks, the IT affiliate of CJ Group, has reportedly been compromised and misused in malware attributed to North Korean hackers.

CJ OliveNetworks Certificate Found Embedded in North Korean Malware
According to cybersecurity sources on May 7, a malware file linked to North Korea and released late last month was discovered to contain a digital signature issued by CJ OliveNetworks.

Digital certificates are used to verify that software comes from a trusted source and has not been tampered with. The presence of CJ OliveNetworks' certificate in malware strongly suggests that the certificate was stolen—likely by North Korean threat actors—raising serious security concerns.

CJ OliveNetworks confirmed that it became aware of the breach late the previous night and promptly reported the incident to the Korea Internet & Security Agency (KISA).

Suspected Involvement of North Korea's "Kimsuky" Hacking Group
The hacking group behind the attack is believed to be Kimsuky, a well-known North Korean state-sponsored cyber unit. Chinese cybersecurity firm RedDrip Team reported that Kimsuky attempted to use the stolen certificate to launch an attack on the Korea Institute of Machinery and Materials (KIMM), a national research institute.

CJ OliveNetworks is responsible for managing and developing the IT infrastructure for key CJ Group affiliates, including CJ Logistics and CJ ENM. The breach highlights the growing cybersecurity threats faced by South Korea’s largest conglomerates.

Growing Concern Over State-Sponsored Attacks Targeting Major Korean Firms
This incident comes amid heightened concerns about the vulnerability of critical IT infrastructure in South Korea, particularly as high-profile tech companies face increasingly sophisticated cyber threats from state-sponsored actors.

Security experts are calling for tighter digital certificate management protocols and improved coordination between corporations and national cybersecurity agencies to prevent future breaches.