Alphabiz - CJ OliveNetworks Digital Certificate Compromised in Suspected North Korean Cyberattack

속초6.0℃
북춘천-1.8℃
철원-2.8℃
동두천-1.2℃
파주-2.8℃
대관령℃
춘천-1.9℃
백령도3.7℃
북강릉6.2℃
강릉5.7℃
동해7.1℃
서울0.9℃
인천1.0℃
원주0.1℃
울릉도8.1℃
수원-0.1℃
영월-0.9℃
충주-1.0℃
서산0.1℃
울진6.8℃
청주2.5℃
대전1.1℃
추풍령0.8℃
안동0.6℃
상주2.0℃
포항5.8℃
군산2.7℃
대구5.0℃
전주1.9℃
울산4.0℃
창원6.0℃
광주4.6℃
부산6.3℃
통영5.7℃
목포6.4℃
여수5.9℃
흑산도10.2℃
완도7.0℃
고창3.3℃
순천2.8℃
홍성-0.5℃
서청주-0.9℃
제주12.2℃
고산12.1℃
성산10.9℃
서귀포10.7℃
진주2.2℃
강화-1.5℃
양평0.9℃
이천-1.4℃
인제-0.9℃
홍천-0.8℃
태백2.8℃
정선군1.1℃
제천-1.9℃
보은-0.4℃
천안-0.9℃
보령0.6℃
부여-0.3℃
금산-0.5℃
세종1.0℃
부안2.9℃
임실0.7℃
정읍1.8℃
남원0.7℃
장수-1.5℃
고창군3.2℃
영광군3.9℃
김해시4.9℃
순창군2.4℃
북창원5.8℃
양산시5.0℃
보성군4.4℃
강진군5.3℃
장흥4.4℃
해남6.3℃
고흥3.8℃
의령군-0.7℃
함양군0.3℃
광양시4.1℃
진도군8.9℃
봉화-2.2℃
영주2.4℃
문경2.6℃
청송군-1.4℃
영덕4.7℃
의성-0.7℃
구미3.6℃
영천3.4℃
경주시4.6℃
거창-0.6℃
합천1.6℃
밀양2.8℃
산청1.4℃
거제6.8℃
남해7.1℃
북부산5.3℃

2025.11.03 (월)
모바일버전

CJ OliveNetworks Digital Certificate Compromised in Suspected North Korean Cyberattack: Reporter Kim Jisun / approved : 2025-05-08 03:35:16

Photo courtesy of CJ

[Alpha Biz= Kim Jisun] As SK Telecom continues to face backlash over recent USIM hacking incidents, another major South Korean conglomerate has fallen victim to a cyberattack. A digital certificate file belonging to CJ OliveNetworks, the IT affiliate of CJ Group, has reportedly been compromised and misused in malware attributed to North Korean hackers.

CJ OliveNetworks Certificate Found Embedded in North Korean Malware
According to cybersecurity sources on May 7, a malware file linked to North Korea and released late last month was discovered to contain a digital signature issued by CJ OliveNetworks.

Digital certificates are used to verify that software comes from a trusted source and has not been tampered with. The presence of CJ OliveNetworks' certificate in malware strongly suggests that the certificate was stolen—likely by North Korean threat actors—raising serious security concerns.

CJ OliveNetworks confirmed that it became aware of the breach late the previous night and promptly reported the incident to the Korea Internet & Security Agency (KISA).

Suspected Involvement of North Korea's "Kimsuky" Hacking Group
The hacking group behind the attack is believed to be Kimsuky, a well-known North Korean state-sponsored cyber unit. Chinese cybersecurity firm RedDrip Team reported that Kimsuky attempted to use the stolen certificate to launch an attack on the Korea Institute of Machinery and Materials (KIMM), a national research institute.

CJ OliveNetworks is responsible for managing and developing the IT infrastructure for key CJ Group affiliates, including CJ Logistics and CJ ENM. The breach highlights the growing cybersecurity threats faced by South Korea’s largest conglomerates.

Growing Concern Over State-Sponsored Attacks Targeting Major Korean Firms
This incident comes amid heightened concerns about the vulnerability of critical IT infrastructure in South Korea, particularly as high-profile tech companies face increasingly sophisticated cyber threats from state-sponsored actors.

Security experts are calling for tighter digital certificate management protocols and improved coordination between corporations and national cybersecurity agencies to prevent future breaches.