The excavated funds automatically flow into a server belonging to Kim Il Sung University, where hackers would like to type in the three-letter password KJU, which may be the initial letter of North Korean leader Kim Jong Un. Malicious code is not well written, meaning it is more likely to be done by a school student than “Lazarus”, a North Korean elite hacking organization.
Network security researchers say Pyongyang hackers have targeted Monroe in recent months, hunting for the cryptocurrency at infected banks and private-company servers.
Reference: Reuters
