Operation Bookcodes – targeting South Korea
Tae-woo LeeKorea Internet & Security Agency (KrCert/CC)
Tae-woo Lee is in charge of analysis of malicious code and IR at the Korea Internet Security Center (KISC) of the Korea Internet & Security Agency (KISA). Before working at the KISA, he was a malware analyst at an anti-virus company in Korea (ROK). Currently, he is researching groups carrying out attacks (like ransomware, supply chain attacks and information leakage) that threaten cybersecurity in Korea. He is particularly interested in research related to preventing cyber attacks by groups composed of attackers who speak Korean.
Dongwook KimKorea Internet & Security Agency (KrCert/CC)
Dongwook Kim has been working for Korea Internet Security Agency since 2013 as a computer incident analyst. The team has a lot of experiences related to Internet security incident response (supply chain attacks, cryptocurrency exchange hacking and so on). Recently, Dongwook has been tracking and analysing specific hacking groups targeting Korea.
Byeongjae KimKorea Internet & Security Agency (KrCert/CC)
Byeongjae Kim has been doing intrusion analysis and malware analysis for 10 years at the Ministry of Defense and Korea Internet Security Agency. The agency team has analysed various cases of supply chain attacks recently and continue to think about how to respond. Byeongjae is currently analysing the TTPs of attack groups.