This article was published on March 21, 2013

Initial investigation into malware attack on South Korea identifies Chinese IP address as source


Initial investigation into malware attack on South Korea identifies Chinese IP address as source

The South Korea government has revealed that initial investigations into the malware attack that affected networks belonging to key banks and broadcasters yesterday has been pinpointed to an IP address in China. That could support the theory that the attack was coordinated by North Korea.

Initial suggestions yesterday pointed to the possibility that the attack may have been coordinated by neighbor North Korea, which recently accused the US and allies of attacks. Reuters reports that, as yet, the government has not been able to establish the identity of its perpetrator, but North Korea has been accused of using Chinese IP addresses in the past so it doesn’t rule out the possibility that the malware offensive came from Pyongyang.

“There can be many inferences based on the fact that the IP address is based in China,” Reuters reports communications commission’s head of network policy Park Jae-moon as saying. “We’ve left open all possibilities and are trying to identify the hackers.”

The malware “paralyzed” computer networks run by broadcasters KBS, MBC and YTN, as well as the Shinhan and Nonghyup banks. Mobile operator LG Uplus was also said to have suffered an outage due to an alleged hack.

In total, yesterday’s incident was said to have impacted 32,000 computers at six organizations. The issues didn’t disrupt TV broadcasts, but Shinhan Bank’s internal system, online banking platform and ATMs were affected.

Image via Shutterstock

Get the TNW newsletter

Get the most important tech news in your inbox each week.