A single group of hackers have been targeting servers in South Korea for nearly four years, according to McAfee. The group spied on the South Korea military and provide one possible motive for ongoing attacks on South Korea that date to 2009.
McAfee, said they were carried out by a hackers group known as the New Romanic Cyber Army Team. Clearly anything with a name so 1980s is probably based in a place which is so backward that it still thinks shoulder pads for women are a pretty innovative idea. Seoul has blamed North Korea for some of the cyber attacks although Pyongyang denies responsibility and says it too has been a victim.
McAfee released a 29-page technical paper that analyzed the code of the software used by those hackers. It said the hacking gang infected PCs with sophisticated software that automatically sought out documents of interest by scanning computers for military keywords in English and Korean. Once the software identified documents of interest, it encrypted those files then delivered them to the hackers' servers, McAfee said.
The word Troy frequently appeared in the code of the malicious software. The New Romanic Cyber Army Team makes frequent use of Roman and classical terms.
You can read the report here.