The South Korean government believes they have found evidence that shows North Korea is behind cyberattacks aimed at its financial sector and nuclear operators. The malicious code was designed to delete files from infected PCs, which prevented banking customers from transferring money online or withdraw money in-person.
"The malicious codes used in the attack were same in composition and working methods as 'Kimsuky' codes known to be used by North Korea," according to the South Korean prosecutor's office, and noted by CNN. In addition, some IP addresses were traced back to Shenyang, China, which is along the border between China and North Korea - with North Korea reportedly relying on China's more established Internet infrastructure to launch attacks.
North Korea's growing cyber ability tends to be focused on South Korea, with financial institutions, nuclear power operators, and private sector companies all targeted in the past.