A North Korea-linked hacking group has launched a new form of destructive cyberattack that remotely deletes critical data, including photos, documents and contacts, from PCs and Android phones.

According to a threat analysis report released on Monday by South Korean cybersecurity firm Genians, the attackers, believed to be backed by North Korea, have gone beyond stealing personal information to directly causing real-world damage to everyday users.

According to the report, the group remotely reset the smartphone of a South Korean counselor specializing in North Korean defectors on September 5. 

The victim’s stolen KakaoTalk account was then used to distribute a malicious file disguised as a “stress relief program” to defectors and their contacts.

On September 15, a similar attack targeted the Android phone of a North Korean human rights activist, resetting the device and spreading a malicious file through the stolen KakaoTalk account to 36 contacts simultaneously.

The report noted that the combination of data deletion and account-based malware propagation is unprecedented in previous North Korea-linked cyberattacks, adding that it demonstrates that North Korean cyber tactics have evolved to a level capable of causing tangible harm.