A local information security company says North Korea's hacking group "Kimsuky" has expanded malignant code attacks to encompass broadcasters and private businesses.

According to AhnLab on Tuesday, the group's malignant codes are being circulated in the form of cover letters and mobile app service proposals.

The codes, which were disseminated to security-related institutions and agencies last month, are circulating with new file names suggesting that they are a list of questions for a KBS program, a cover letter from a job applicant or an app proposal document.

Once downloaded, a macro code is executed that initiates the leak of Microsoft Word file lists, vaccine information, and data on the download folder path. 

The security firm advised the public to refrain from opening files attached to emails without a recognized sender and ensure that macros included in Microsoft Office files are not automatically executed.

The Kimsuky group had carried out a hacking attack on the Korea Hydro and Nuclear Power Company in 2014, and has consistently attempted to hack public institutions, cryptocurrency systems and security-related entities in South Korea.