South Korean hacker worked for Pyongyang

A 37-year-old former military officer was apprehended yesterday for allegedly plotting with North Korean spies by funneling classified intelligence to the Kim Jong-un regime and planting malicious programs in local computer networks.



The suspect, identified by the surname Jeon, was detained for violating the National Security Law on five occasions from November 2011 to January 2013, the Gyeonggi Provincial Police Agency briefed yesterday. It added that he previously was part of the Reserve Officer Training Corps (ROTC).



Jeon reportedly told police that, as a father of four children, he “inevitably committed the crime due to financial strains.”



Police reports indicate that the plot dates back to Nov. 2011 when Jeon first made contact with a North Korean agent working for a hacking unit under North Korea’s Reconnaissance General Bureau.



Jeon told police that at that time, he was running an illegal business developing software programs to “automatically collect cyber money in online games,” and that he happened to grow close to a similar business operator in North Korea, who was connected with the spy agency.



His initial intention was to interact only in a business sense, Jeon told police officers. His alleged crimes came later when his North Korean partner “began to make other requests” such as to send confidential information.



The first order he reportedly received from North Korea was to collect a list of refugees who settled at Hanawon, the state-run resettlement center for recently defected North Koreans.



Another instruction was to collect the IP address of a server at the Public Procurement Service (PPS), which is in charge of purchasing goods and services on behalf of public organizations in Korea.



Both of those attempts failed. Jeon and his accomplice communicated via email, according to police.



What did succeed was a transmission in Aug. 2012 of PPS documents police officers said were used as educational materials teaching about electronic bidding by private companies.



From January to March 2012, Jeon was also found to have “indiscriminatingly” spread a malicious program to “various domestic websites,” authorities said.



Gyeonggi police officers said yesterday that Jeon had sent 160 million won ($146,000) to the North Korean spy through a third party in China, and in return, received 50 million won as a “reward.”



The 160 million won, police said, were profits Jeon earned after illegally running the North Korean cyber money-collecting software programs here.



BY JEON IK-JIN AND LEE SUNG-EUN [selee@joongang.co.kr]







