North Korea Hackers unleash a fresh cyberattack using malware

A hacking gang with ties to North Korea has deployed a new type of malware that allows it to remotely take control of Android devices and PCs in order to erase important data, such as contacts, documents, and images.
According to a report by the Genians Security Center (GSC), a South Korean cybersecurity institute, the group—which is thought to be connected to Pyongyang-sponsored groups Kimsuky or APT37—infiltrated victims’ PCs and smartphones using malware distributed via KakaoTalk and stole account information for Google and major domestic IT services.
After using Google’s location-based tracking system to verify that the victims were not in their homes or places of employment, the attackers remotely reset the smartphones, according to Yonhap news agency.
According to the report, the remote reset prevented the device from operating normally, blocking messenger app notifications and message alerts and thus cutting off the account owner’s awareness channel. This delayed detection and response.
Important information kept on the compromised devices, including contacts, documents, and images, was entirely erased during this procedure.
Simultaneously, the attackers used PCs and tablets that were already infected in the victims’ homes or places of employment to distribute malware to contacts under the guise of “stress relief programs.”
According to the GSC report, the hackers might have used compromised webcams on PCs to watch victims’ movements and verify whether they were away from home.
This combination of account-based dissemination and device neutralization is “unprecedented” among known North Korean cyberattack activities, according to the institute.
“It demonstrates the attacker’s tactical maturity and advanced evasion strategy, marking a key inflection point in the evolution of APT tactics,” it stated.
Advanced persistent threats, or APTs for short, are a class of complex and persistent cyberattacks.
The defense ministry of South Korea “strongly condemns” North Korea’s alleged ballistic missile test last week and urges the North to stop actions that increase tensions between the Koreas.
In a notice to the media, the ministry stated that it “strongly condemns the recent ballistic missile launch by the North, and expresses deep regret for (the North’s) statement denouncing South Korea-U.S. annual exercises and conference.”
Additionally, it demanded that North Korea “immediately halt” any actions that would increase tensions between the two Koreas.
The day after it threatened to take appropriate action in response to the most recent U.S. sanctions against Pyongyang, North Korea fired one suspected short-range ballistic missile toward the East Sea on Friday.
