North Korea created very phishy evil twin of Naver, South Korea's top portal

Think of it as a fake Google tuned for credential capture and you'll understand why authorities want to kill it

North Korea has created a fake version of South Korea's largest internet portal, Naver, in a large scale phishing attempt, Seoul's National Intelligence Service (NIS) said on Wednesday.

The fake portal,, mimics by providing a complete replica of real-time news, advertisement banners and even detailed menus from the real website in an effort to steal personal data from users, according to the spy agency.

Previous North Korean Naver clones only copied the service's login page and tried to obtain logins and passwords.

An NIS official said the imitation was so good it was "difficult to distinguish" between the two sites. NIS has asked the Korea Internet & Security Agency to shut down the now inaccessible phishing site.

Naver is often been described as South Korea’s answer to Google. Although globally the site owns just 0.23 percent of the web search market, it is the most usedsearch engine in South Korea.

Last year, NIS reportedlyestimated North Korean hackers stole ₩100 billion ($78 million) worth of virtual assets from 2017 until the end of 2022. Global theft came in at around ₩1.5 trillion ($1.2 billion).

Director general at South Korea’s Ministry of Foreign Affairs, Kim Geon, met with US officials and discussed North Korea's cyber threat on Tuesday.

While in the US, Kim met with Google subsidiary and cyber security firm Mandiant to "exchange opinions on the latest cyber threat trends in North Korea and to respond to them" and discuss public-private partnerships. ®

More about


Send us news

Other stories you might like