Genesis Day, a pro-Russian hacktivist group, claims to have breached Samsung’s internal servers over South Korea’s cooperation with NATO.
Attackers posted an ad on a popular hacking forum, alleging they breached South Korea’s manufacturing conglomerate Samsung.
Threat actors, who call themselves Genesis Day, claim they found their way into Samsung’s internal FTP service, used by Samsung Group in South Korea.
“Because South Korea has recently strengthened its cooperation with NATO and targeted other countries. We hacked into the internal FTP service of the Samsung Group in South Korea, “the attackers said.
Sample data investigated by the Cybernews research team allegedly includes Samsung’s corporate manuals for logging in, an employee password, and several educational videos. However, the data sample doesn’t strike as containing sensitive data.
We reached out to Samsung for comment but haven’t received a reply before going to press.
The attackers tried to build on the momentum, promising to leak an additional 2.4GB of data stolen from the South Korean conglomerate.
“We don’t mind a massive network crash in South Korea if they continue to take targeted action. This is just the beginning,” threat actors said.
While the motivation of pro-Russian threat actors is likely to advance the Kremlin’s interests in Ukraine, the rationale behind the attack seems murky.
The New York Times wrote on January 17 that the Republic of Korea refused to ship artillery shells to Ukraine, as the move would violate the country’s arms export rules. Instead, the government in Seoul opted to help the US replenish its stocks elsewhere.
Competing hacktivist groups have launched numerous attacks since Russia invaded Ukraine on February 24, 2022, with Anonymous, IT Army, Hacker Forces, OneFist, and many others targeting Russia’s state-owned enterprises and businesses.